768-bit RSA cracked, 1024-bit safe (for now)

Temas de debate

With the increasing computing power available to even casual users, the security-conscious have had to move on to increasingly robust encryption, lest they find their information vulnerable to brute-force attacks. The latest milestone to fall is 768-bit RSA; in a paper posted on a cryptography preprint server, academic researchers have now announced that they factored one of these keys in early December.

Most modern cryptography relies on single large numbers that are the product of two primes. If you know the numbers, it's relatively easy to encrypt and decrypt data; if you don't, finding the numbers by brute force is a big computational challenge. But this challenge gets easier every year as processor speed and efficiency increase, making "secure" a bit of a moving target. The paper describes how the process was done with commodity hardware, albeit lots of it.

Their first step involved sieving, or identifying appropriate integers; that took the equivalent of 1,500 years on one core of a 2.2GHz Opteron; the results occupied about 5TB. Those were then uniqued and processed into a matrix; because of all the previous work, actually using the matrix to factor the RSA value only took a cluster less than half a day. Although most people aren't going to have access to these sorts of clusters, they represent a trivial amount of computing power for many organizations. As a result, the authors conclude, "The overall effort is sufficiently low that even for short-term protection of data of little value, 768-bit RSA moduli can no longer be recommended." 1024-bit values should be good for a few years still.

Given that these developments are somewhat inevitable, even the authors sound a bit bored by their report. "There is nothing new to be reported for the square root step, except for the resulting factorization of RSA-768" they write. "Nevertheless, and for the record, we present some of the details." Still, they manage to have a little fun, in one place referencing a YouTube clip of a Tarantino film following their use of the term "bingo."

Visto en: http://arstechnica.com/security/news/2010/01/768-bit-rsa-cracked-1024-bi...

Opciones de visualización de comentarios

Seleccione la forma que prefiera para mostrar los comentarios y haga clic en «Guardar las opciones» para activar los cambios.

En

En español:
http://www.elmundo.es/elmundo/2010/01/08/navegante/1262962301.html

Por suerte el DNIe creo recordar que tenía claves de 2048 bits , lo cual aún es un reto casi inalcanzable de crackear...

Sí, pero no... o sí

Visto esto, sí. La clave más débil del DNIe tiene 2048 bits. Por fuerza bruta, en romper una clave RSA se tardaría casi casi una eternidad.

Pero la seguridad de un sistema completo viene determinada por el eslabón más débil de los que se compone. El caso del DNIe tiene como eslaboncillo la función hash SHA-1, que a veces se usa como resumen para firmar la clave del usuario, algo vulnerable cada vez más, según parece.

Computación Cuántica

Computación Cuántica, y todo a tomar viento. Y tiene sello español:
http://es.wikipedia.org/wiki/Juan_Ignacio_Cirac_Sasturain

Tiempo al tiempo.

¿Y cuando se aplicará esto

¿Y cuando se aplicará esto a las tarjetas de las fotocopias? :D

-------------------------------
Aprende programacion web y gana dinero con internet