The longest encryption key was broken; it only took 35 million hours
A team of information security researchers just cracked the most complex cryptographic algorithm ever attempted. Although this is a much less complex code than cryptography used in the world of cybersecurity, this is considered by many to be a leading achievement in the field of computing.
Employing multiple computers working
simultaneously distributed around the world, the researchers invested the
equivalent of 35 million hours of computational processes to realize decryption
within a relatively reduced time frame.
To generate the computer and mathematical
problem to be solved, information security researchers used the RSA algorithm,
named after its creators Ron Rivest, Adi Shamir and Leonard Adleman. In this
algorithm, two parties encrypt the information using a huge number, created
from the multiplication of two prime numbers together.
Any math expert knows that there are endless
methods to quickly know if a very large number is divisible by 9, 11, etc.
However, when advancing to numbers like 17 or 19 things get complicated, so in
these cases it is only necessary to verify by trial and error, making the work
of finding the next value of the algorithm incredibly complex. How do we know
by which combination of prime numbers we can get 667? The answer is to multiply
23 and 29, but this is only obtainable by trial and error.
Another variant that adds more complexity to
decryption are the semi-prime numbers, obtained from the multiplication of two primes;
these numbers are not divisible by any compound number and their factors are 1,
the two prime numbers and the number itself. “Usually there is some
indicator to know how to start separating a compound number, the large and
semi-prime numbers do not tell us anything”, information security experts
mention.
Although it is a feasible mathematical process,
computing capacity adds even more complexity. By running programmed algorithms,
a computer could continue to test new combinations via brute
force until the correct one is found, although it must still be
considered that the algorithm employs combinations of prime numbers, so there
are billions and even trillions of possible combinations.
The mathematical complexity of RSA encryption
is the main reason why it is possible to publicly share these keys, as only a
user in possession of one of the two multiples could easily determine what the
second multiple is. From then on, dividing these gigantic numbers (more than
200 figures) will be their own task.
According to information security specialists
from the International Institute of Cyber Security (IICS), this group of
researchers broke their own record in both encryption complexity and resolution
time, as this occasion they managed to solve a 240-digit problem in less time
than it took them to solve a 232-digit problem before.
This gigantic number (with 795-bit
cryptographic key) is barely equivalent to a third of the 2048-bit encryption
employed by most computers, so the encryption used in practice is still far
from being resolved using similar methods, however, this is a race and it could
be a matter of time before new methods to break with encryption are
revealed.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
Gloss