http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/
RSA is an algorithm that Rivest, Shamir and Adleman first described in 1978. It is a public-key encryption method that is widely used for protecting all sorts of information, especially in the e-commerce space. It relies on the extreme difficulty of calculating the factors of very large numbers that only have two prime factors. The public key is exactly that, a product of two large primes. A 128-bit key (the product) can be a number from:
Conventional wisdom told us that as long as we have keys long enough to withstand any brute force attack with the most powerful supercomputers of the time, cracking an encryption algorithm would simply be impossible. But, this broke all the rules. They bypassed everything and went straight down to the cpu level. How did these guys at the University of Michigan have the prescience to do this? I don't know, but I am impressed and still very scared.
"By fluctuating the voltage to the CPU such that it generated a single hardware error per clock cycle, they found that they could cause the server to flip single bits of the private key at a time, allowing them to slowly piece together the password."It took 81 P4 chips and 104 hours of cpu time to achieve this feat. This is a scary thought knowing that it will only be a matter of time when a single cpu with that computing power will be able to fit inside the confines of a netbook. I'm about halfway done with this blog post and my heart is still beating at an accelerated rate.
RSA is an algorithm that Rivest, Shamir and Adleman first described in 1978. It is a public-key encryption method that is widely used for protecting all sorts of information, especially in the e-commerce space. It relies on the extreme difficulty of calculating the factors of very large numbers that only have two prime factors. The public key is exactly that, a product of two large primes. A 128-bit key (the product) can be a number from:
1 to 2^128
or
1 to 3.4028236692093846346337460743177e+38
or
1 to 340,282,366,920,938,000,000,000,000,000,000,000,000
Now, the 1024-bit encryption that was just cracked has a public key that is MUCH larger. It can be a number from:
1 to 2^1024
or
1 to 1.797693134862315907729305190789e+308
or
(figure it out yourself)
Conventional wisdom told us that as long as we have keys long enough to withstand any brute force attack with the most powerful supercomputers of the time, cracking an encryption algorithm would simply be impossible. But, this broke all the rules. They bypassed everything and went straight down to the cpu level. How did these guys at the University of Michigan have the prescience to do this? I don't know, but I am impressed and still very scared.
