Researchers at the University of Michigan have achieved a tech-marvel by moving a step further in cracking RSA. The seemingly secure; public key encryption algorithm was last cracked on 7th January, 2010. The encryption in the last crack was 768 bit but this time, the crack is on a 1024 bit encryption.

### What is RSA?

In cryptography, RSA (which stands for Rivest, Shamir and Adleman who first publicly described it) is an algorithm for public-key cryptography[1]. It is the first algorithm known to be suitable for signing as well as encryption, and was one of the first great advances in public key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date implementations.

### How was the crack achieved?

The RSA crack this time, was achieved by Valeria Bertacco, Todd Austin and Andrea Pellegrini. They varied the voltage levels at the sender end to make faulty encryptions. This helped them recreate the private key by combining a number of fragments, achieved in the process. The complete operation took 100 hours. A quote from the research paper says,

first, we develop a systematic fault-based attack on the modular exponentiation algorithm for RSA. Second, we expose and exploit a severe flaw on the implementation of the RSA signature algorithm on OpenSSL, a widely used package for SSL encryption and authentication. Third, we report on the first physical demonstration of a fault-based security attack of a complete microprocessor system running unmodified production software: we attack the original OpenSSL authentication library running on a SPARC Linux system implemented on FPGA, and extract the system’s 1024-bit RSA private key in approximately 100 hours.

### Why is this important?

The RSA encryption was believed to be quite safe and this level of a crack was not achieved, until now. The methods used here are pretty low level and have given results in 100 hours. The crack which was assumed to take a lifetime with bruteforce, has taken a mere four days. This breaks the very backbone of RSA which believes that as long as the private key is safe, it is impossible to break in, unless guessed.

### How will it affect me?

RSA is used in most of the secure connections online ranging from e-commerce to login operations. The length of the key determines the level of security. But this crack is independent of the length of the key. Also, the method is crude and easy to implement.

As a response to this crack, Some changes in the RSA implementation are imminent. Till then, let’s just hope we are secure.

[Image via:pjlighthouse ]

Tom St Denis, author of "Cryptography for Developers" and the widely used "TomLib" open source crypto libraries, offered a nice summary of this embroglio on the sci.crypt forum. Said he:

"It's misleading to think this has anything to do with key size. Of course they wouldn't make the press if they 'merely' broke a 512-bit key with their technique which is largely akin to punching a guy in the gut and stealing their wallet.

"There have been known various blinding techniques for a while…"

Interesting work, but overhyped in presentation. There may be some remedial issues for OpenSSL implementation code, but voltage manipulation is not an accessible variable for sysops at most OpenSSL installations.

This work does not, fortunately, reveal any weakness in RSA public Key crypto. It would be a disservice to readers to suggest it does.

_Vin

I agree with you. This is not really a break. It is hardware manipulation to achieve the goal.

Inteligent, but in practice this not a weakness of the crypto. However, it will be prevented.

Do you think anyone would let a hacker manipulate the voltage of his PC while doing online banking operations? I mean this guy would be sitting somewhere under the table playing with the wires?

Seriously, if we assume physical access to the machine, it would be easier and faster to freeze the memory using liquid nitrogen and recover the keys from the memory directly.

I keep thinking the date has to be wrong. It must be an article from April 1st. Isn’t it easier to just beat the computer owner with a rubber hose until she divulges the password?