Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

768-bit RSA encryption cracked

The process — carried out in early December — generated a five-terabyte decryption table and, say the researchers, would have taken them around 1,500 years using an AMD Opteron-based single PC.

The first stage in the decryption procedure involved identifying appropriate integers and then arraying these into a matrix, a process that reportedly took less than a day using a clustered PC system, and then working on the matrix to produce a code table.

According to the researchers, the overall effort involved in decryption is sufficiently low that even for short-term protection of data of little value, 768-bit RSA moduli can no longer be recommended.

Commenting on the decryption breakthrough, Andy Cordial, managing director of Origin Storage, a storage systems integration specialist, said that whilst the cracking exploit is impressive, it highlights the fact that the days of relying on encryption alone as a means of defending private data are now drawing to a close.

Cordial argues that the use of a PIN-based protection — and even biometric authentication — alongside a fully encrypted drive is now the logical choice for companies wanting to protect sensitive data from prying eyes.

And now that a 768-bit RSA crypto decryption table has been produced, he says that organisations can no longer expect their encrypted data to be secure from anyone equipped with a RAID-driven high-powered PC.

Furthermore, he said, it's even conceivable that a regulator at some stage in the future may take a dim view of, say, a bank claiming that its encryption system is sufficient to protect customer data — especially in a mobile situation — from prying eyes.

"We are," said Cordial, "rapidly reaching the stage where a single layer of protection for data is starting to become about as effective as a chocolate teapot against high-powered crypto hackers."

"And since biometric-enhanced encryption systems are still relatively expensive, the logical choice is a PIN/password-enhanced external encrypted drive such as our DataLocker range which uses a hardware based AES/CBC encryption chip, backed up by an onboard PIN/password unit," he said.

"At the very least, this will allow the CEO or chairman to put his/her hand on heart and say the company's data is secure whilst in transit from one place to another. That's a claim you can't truly make any more with single factor encryption," he added.

What’s Hot on Infosecurity Magazine?