Engadget published an entry this week that fabulously claims the 1024-bit RSA cryptosystem has been cracked by a team of researchers at the University of Michigan.
According to the report, the researchers were able to tweak the voltage sent to a Sun SPARC-based CPU to create calculation errors in the RSA signatures used in SSL encryption and authentication. After sending corrupted RSA signatures off to a cluster of 81 2.4GHz Pentium 4s, the researchers were eventually able to piece together the private key used to bust SSL open.
“That’s why they’re presenting a paper at the Design, Automation and Test conference this week in Europe, and that’s why — until RSA hopefully fixes the flaw — you should keep a close eye on your server room’s power supply,” Engadget concludes sensationally. There’s just one tiny, little problem: it’s not a flaw that can be fixed, and 1024-bit RSA hasn’t been cracked.
Legitimately breaking a cryptosystem requires that you produce plaintext from the ciphertext with no access to the private key that’s used to decrypt the material. Cracking RSA in this manner would pave the way for exploits that could compromise banking sites, credit card transactions, VPN connections, secure FTP connections and email servers. The researchers at the University of Michigan, however, did not fundamentally compromise RSA in this manner.
Instead, the U of M boffins performed a technique known as differential power analysis. DPA is a method that attempts to recover the private key of a cryptosystem by tampering with, recording and then analyzing the electrical signals of a device involved with cryptography. In this case, the researchers analyzed the signals from a processor. The theory goes that DPA will eventually yield the key and other sensitive information if a sufficient number of cryptographic operations are analyzed.
Recovering encrypted information via DPA is a type of attack known as a side channel attack. A side channel attack is any attack that gains information based on the physical implementation of a cryptosystem, rather than through a fundamental flaw in the algorithm or a brute force attack. Side channel attacks almost always require physical access to the hardware involved with the cryptosystem as well.
Put very simply, the U of M researchers “compromised” RSA by performing the elegant equivalent of punching someone in the face until they give you the key. I think we can all agree that this is not a fundamental violation of the algorithm as Engadget suggests, nor is it a flaw that “RSA” (RSA is not an organization) needs to address.
In short, unless you choose to ignore the mysterious man plugging a homebrew voltage modulation device into your desktop, RSA continues to be a perfectly safe and viable cryptosystem for the lot of us.
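The difference between the algorithm and its physical implementation can be shown in a few lines. The sketch below is an added example, not code from the researchers or from Engadget: it signs with a toy RSA key, simulates one hardware calculation error during the private-key exponentiation, and shows that a signer which verifies its own output with the public key never releases the corrupted signature. The key size, the unpadded signing, the bit that is flipped and all function names are assumptions made for illustration.

```python
import hashlib

# Constructed toy key: two Mersenne primes, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent

def digest(msg: bytes) -> int:
    """Unpadded "textbook" message representative (illustration only)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def modexp(base: int, exp: int, mod: int, fault_step=None) -> int:
    """Left-to-right square-and-multiply.

    If fault_step is set, one bit of the accumulator is flipped after that
    step, modelling a single calculation error caused by the hardware.
    """
    acc = 1
    for step, bit in enumerate(bin(exp)[2:]):
        acc = acc * acc % mod
        if bit == "1":
            acc = acc * base % mod
        if step == fault_step:
            acc ^= 1 << 7  # simulated glitch, not part of RSA itself
    return acc

def verify(msg: bytes, sig: int) -> bool:
    """Public-key check: sig^E mod N must equal the message representative."""
    return pow(sig, E, N) == digest(msg)

def sign_unchecked(msg: bytes, fault_step=None) -> int:
    """Signer that releases whatever the hardware computed."""
    return modexp(digest(msg), D, N, fault_step)

def sign_checked(msg: bytes, fault_step=None) -> int:
    """Signer that verifies its own result before releasing it."""
    sig = sign_unchecked(msg, fault_step)
    if not verify(msg, sig):
        raise RuntimeError("signature failed self-check; not released")
    return sig

if __name__ == "__main__":
    msg = b"constructed sample message"
    print("clean signature verifies:", verify(msg, sign_checked(msg)))
    print("faulted signature verifies:", verify(msg, sign_unchecked(msg, 40)))
    try:
        sign_checked(msg, fault_step=40)
    except RuntimeError as err:
        print("checked signer:", err)
```

The RSA arithmetic is identical in both signers; only the disturbed computation produces a bad result, and the self-check keeps that result from leaving the device.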


