Japanese Researchers Crack Supposedly Hack-Proof Cryptography
June 19, 2012 3:54 PM
comment(s) - last by
Researchers who developed standard claimed it would take "thousands of years to crack", but it took only 148 days
We're living in either a dark, dysmal time for cryptographers or a golden,
glorious age for hackers
depending on how you look at it. Casual hackers are making short work of supposedly
modestly-secure older hashing
, and even supposedly-super-secure "strong" encryption techniques are falling to novel attacks.
I. Pair-Based Cryptography Continues to Fall in Security
The latest victim in the march of progress is pairing-based cryptography, an approach that was thought to hold the key to super-secure future communications. Japanese electronics giant Fujitsu Ltd. (
, and Japan’s
National Institute of Information and Communications Technology
a 278-digit (923-bit) cryptogram, easily besting the previous world record of 204 digits (676 bits).
Researchers who worked with pair-based cryptography have in the past expressed confidence that 900+ bit cryptograms would take hundreds of thousands of years to crack. But Fujitsu,
. achieved the feat in a mere 148.2 days -- less than half a year -- running on a 21-computer cluster with 252 cores.
Fujitsu has cracked an encryption that was previously estimated to take "hundreds of thousands of years" to break. [Image Source: Fujitsu]
By employing parallel programming methods and other novel techniques to the attack, the research team was able to cut the time that would have been required by a less state-of-the-art brute force attack with previous methods.
II. Cat and Mouse -- No System is Unbreakable
Fujitsu warns that the shocking success should serve as a warning to security firms that what seems like reliable standards may be crackable sooner than they think, and unsafe not too long after that. Writes the company:
As cryptanalytic techniques and computers become more advanced, cryptanalytic speed accelerates, and conversely, cryptographic security decreases. Therefore, it is important to evaluate how long the cryptographic technology can be securely used.
We were able to overcome this problem by making good use of various new technologies, that is, a technique optimising parameter setting that uses computer algebra, a two dimensional search algorithm extended from the linear search, and by using our efficient programing techniques to calculate a solution of an equation from a huge number of data, as well as the parallel programming technology that maximises computer power.
Cryptography today is facing a two-side assault. On the one side are the crackers, looking to employ novel methodology to reverse advance encryption. On the other side are the exploiters, looking to identify and leverage fundamental
flaws in the implementation
, flaws which sabotage the reliability of the underlying methods.
Unbreakable security is a fantasy. [Office Hackery]
Some public keys encrypted by
the RSA standard
were recently found to have "no security at all". The culprit, said Swiss researchers who published their findings in February, was improper generation. Likewise in 2010 Norwegian researchers
[abstract] results indicating
could be cracked via attacking the photon detectors that implemented the encryption via quantum mechanical effect. Here, the quantum cryptography itself was likely strong enought to stand up to any direct assault, but the glaring weak spot was the encoders/decoders in the system, which could be hijacked with traditional attacks.
Of course security researchers will surely scramble on to new and safer protection schemes. But it's more clear than ever that uncrackable encryption is anything but.
This article is over a month old, voting and posting comments is disabled
6/20/2012 4:49:03 AM
Encryption is (as of now) based on integer calculations, not floating point ones (or totally standard floating point implementations that differs on out-of-necessary-precision digits would not be compatible).
And as the GPUs are floating point compute monsters (but integer-compute puppies), cracking encryption on GPU clusters doesn't seem too probable.
I'd say FPGA specially programmed would be a better match for cracking encryption
6/20/2012 11:56:02 AM
With Intel's recent release of Knights Corner, the cluster used could be equipped with that rather than a GPU array, and reduce the time considerably. A larger botnet or other shared computing platform could also decrease the amount of time required to break it to hours, rather than days. It seems that true security will require a proprietary seperate piece of hardware from the current methods.
6/20/2012 12:18:06 PM
I don't believe hardware is the answer. I'm sure the TSMC wouldn't agree, however, once its hard coded, and deployed. Its difficult to update, and maintain the tit for tat.
If its hard coded, all you have to do, is crack the device, once.
"We don't know how to make a $500 computer that's not a piece of junk." -- Apple CEO Steve Jobs
Secure Wi-Fi? Not so Much -- Gaping Hole Found in WPS Pin System
December 29, 2011, 12:42 PM
Inside the Mega-Hack of Bitcoin: the Full Story
June 19, 2011, 6:40 PM
RSA Offers New SecurIDs in the Wake of Lockheed Martin Cyberattack
June 7, 2011, 6:36 PM
MD5 Is Officially Insecure: Hackers Break SSL Certificates, Impersonate CA
January 4, 2009, 5:04 PM
Researchers Crack WPA, No Brute Force Needed
November 7, 2008, 8:50 AM
Google plans ultra-fast wireless Internet for Research Triangle Park, N.C.
August 12, 2016, 6:30 AM
Twitter Senior VP: "Diversity is Important, But We Can’t Lower the Bar"
November 9, 2015, 9:59 AM
CNN Resorts to Internet Censorship to Promote Clinton Over Senator Sanders
October 15, 2015, 2:47 PM
Breaking Bad: How to Crash Google's Chrome Browser With Just 8 Characters
September 23, 2015, 11:08 AM
Quick Note: Amazon UK Offers £10 Back on Any Order £50 or Over
August 3, 2015, 12:05 PM
Editorial: Reddit Allows Itself to be Hijacked as a Hate Platform For Racist Bigots
July 21, 2015, 6:32 PM
Most Popular Articles
Are you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Yahoo Hacked - Change Your Passwords and Security Info ASAP!
September 23, 2016, 5:45 AM
A is for Apples
September 23, 2016, 5:32 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM
Latest Blog Posts
Burlington Gun Attack
Sep 27, 2016, 5:00 AM
Who is in Risk of Getting Oral Cancer?
Sep 23, 2016, 6:02 AM
France Bans Plastic Eating Utensils in Restaurants
Sep 18, 2016, 10:49 AM
Progress Against Acute Myeloid Leukemia
Sep 17, 2016, 5:30 AM
Apple Watch Series 2 - Number 1 in the Customer Satisfaction.
Sep 7, 2016, 6:19 PM
More Blog Posts
Copyright 2016 DailyTech LLC. -
Terms, Conditions & Privacy Information