An Engadget article recently got hundreds of upvotes on social sites by claiming that RSA has been broken. Engadget may be great for showing you pictures of electronics, but it is far from a scientific publication.
To break an encryption algorithm, you must find a feasible way to produce plaintext given only ciphertext–with NO access to the key.
The article in question was a butchering of a paper about a side-channel attack on a certain CPU. Researchers could discern a key by varying the amount of electricity going to a CPU under certain conditions. That’s swell, but it’s not at all “breaking RSA.” Other ways of playing with hardware to recover crypt keys include freezing ram before yanking it out of its socket, and tapping a machine’s bus.
These are essentially hardware hacks. They are not “breaking (the) RSA (algorithm).” Your SSL is safe.
More proof engadget is clueless: “until RSA hopefully fixes the flaw”. Yep, they don’t know the difference between RSA the company and RSA the algorithm.
Related Posts: On this day...
- Lively and insightful technical history of the Internet - 2011
- VeriFone vs Square - 2011
- Samsung 55" 1080p LED LCD HDTV for $1600 shipped - 2010
- Newegg terminates supplier relationship over counterfeit Core i7 CPUs - 2010
- What is PIFTS.exe? - 2009
- Firefox Updates to 3.0.7 - 2009
- 24 Solid State Drives in a RAID array - 2009
- Society of Automotive Engineers kills DRM on its journal following MIT boycott - 2008