Thursday, January 7, 2010

RSA Encryption 768-bit Keys Broken

Bad news if you're not using the 1024-bit keys for RSA cryptography - the 768-bit keys have been broken. And it's only a matter of time until 1024 bites the dust.

From The Register:

An international team of mathematicians, computer scientists and cryptographers broke the key though NFS, or number field sieve, which allowed them to deduce two prime numbers that when multiplied together generated a number with 768 bits. The discovery, which took about two-and-a-half years and hundreds of general-purpose computers, means RSA keys can no longer be counted on to encrypt or authenticate sensitive communications.

With the quantum increases in computer processing power, what took 2 1/2 years today might take a year in 2011, and 4 months in 2013, so it's only a matter of time before the RSA 1024-bit is also broken. While the article posits a decade, it's more likely to happen sooner.

The real issue is that there are quite a few devices using shorter key lengths than 1024 bits because of their limited processing ability. Keys of 300 characters or less can be broken within hours on a standard personal computer, and 512 bits is easily defeated in weeks on typical hardware configurations.

Current best practice is a key of 2048 bits, and using today's technology, breaking a 4096-bit key seems unlikely. But that only provides additional time to develop more secure algorithms, as processing advances makes this a math problem that will eventually be solved.

It will be interesting to see how vendors react, especially those who market products that rely on the shorter key lengths. RSA encryption is already slower than some other symmetric algorithms, and if the devices already choke on longer keys, moving to 2048 or 4096 will be impractical.

No comments:

Post a Comment

Please tell me what you think.