Video Screencast Help
Security Community Blog

Internet Encryption Shakeup

Created: 06 Aug 2013 • Updated: 06 Aug 2013
Tariq Naik's picture
+1 1 Vote
Login to vote

This article is written based on wide spread Internet reports from Black Hat Conference at Las Vegas.

Recent advances in math and cryptology research in the academic field indicate that there might be mathematical algorithms or solutions in place to break RSA and Diffie-Hellman based encryption without obtaining the secret key and without the need of massive computing resources for significant durations of time within the next four to five years. These encryption schemes are widely on the Internet today for keeping sensitive date private right from encrypting Internet communications used for electronic commerce to securing software updates to encrypting global corporate and government networks.

The key to the security today is that there are no practical ways or efficient algorithms which can break these encryptions without obtaining the secret keys. The day such algorithms are found the encryption and hence the trust on which the Internet works will be broken.

The good news is that there are alternate encryption schemes available today which are more secured. Eliptic Curve Cryptography (ECC) whose patents are now owned by Blackberry is said to be a very secured method which is also recommended and used both by the NSA as well as the Russian Government.

Although the chances of an efficient algorithm being found to break RSA and Diffie-Hellman is still low, it a a very big risk and transitioning to ECC or some other more secured encryption standard before such an eventuality would be advisable. There is also speculation that such algorithms already exists and this was demonstrated by the highly advanced flame malware which used a new mathematical technique to ,masquerade as though it was a Microsoft update.

 

For those who are interested here is the original presentation from the Black Hat conference http://www.slideshare.net/astamos/bh-slides

 

References: -

https://www-secure.symantec.com/connect/blogs/flam...

http://www.technologyreview.com/news/517781/math-a...