Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Brute force attack cracks 768-bit RSA encryption

Origin Storage : 12 January, 2010  (Technical Article)
With distributed computing attacks putting paid to 768 bit encryption, Origin Storage believes the time has come for belt and braces approaches to data protection with hardware protected PIN/Password layers over existing encryption
Hard on the heels of news that the GSM A5/1 encryption system has been cracked comes reports that a second crypto system - 768-bit RSA - has now been hung out to dry using a cluster PC brute force approach .

Weekend news that the 768-bit RSA encryption has been cracked - generating a huge five terabyte password file in the process - was met with a sanguine response from Origin Storage.

'Cracking this crypto system using a 2.2GHz Opteron processor-based PC would reportedly have taken around 1,500 years, but the process has been dramatically speeded up using distributed computer resources and cluster PC approach,' said Andy Cordial, managing director with the storage systems integration specialist.

'Whilst this crypto cracking feat is impressive, it highlights the fact that the days of relying on encryption alone as a means of defending private data are now drawing to a close,' he added.

According to Cordial, the use of a PIN-based protection - and even biometric authentication - alongside a fully encrypted drive is now the logical choice for companies wanting to protect sensitive data from prying eyes.

Now that a 768-bit RSA crypto decryption table has been produced, Origin's MD says that organisations can no longer be expect their encrypted data to be secure from anyone equipped with a RAID-driven high-powered PC.

And, he explained, it's even conceivable that a regulator at some stage in the future may take a dim view of, say, a bank claiming that its encryption system is sufficient to protect customer data - especially in a mobile situation - from prying eyes.

We are, said Cordial, rapidly reaching the stage where a single layer of protection for data is starting to become about as effective as a chocolate teapot against high-powered crypto hackers.

'And since biometric-enhanced encryption systems are still relatively expensive, the logical choice is a PIN/password-enhanced external encrypted drive such as our DataLocker range, which uses a hardware based AES/CBC encryption chip, backed up by an onboard PIN/password unit,' he said.

'At the very least, this will allow the CEO or chairman to put his/her hand on heart and say the company's data is secure whilst in transit from one place to another. That's a claim you can't truly make any more with single factor encryption,' he added.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo