| Saturday May 28th 2016

RSA encryption has not been broken

An Engadget article recently got hundreds of upvotes on social sites by claiming that RSA has been broken. Engadget may be great for showing you pictures of electronics, but it is far from a scientific publication.

security encryption rsaTo break an encryption algorithm, you must find a feasible way to produce plaintext given only ciphertext–with NO access to the key.

The article in question was a butchering of a paper about a side-channel attack on a certain CPU. Researchers could discern a key by varying the amount of electricity going to a CPU under certain conditions. That’s swell, but it’s not at all “breaking RSA.” Other ways of playing with hardware to recover crypt keys include freezing ram before yanking it out of its socket, and tapping a machine’s bus.

These are essentially hardware hacks. They are not “breaking (the) RSA (algorithm).” Your SSL is safe.

More proof engadget is clueless: “until RSA hopefully fixes the flaw”. Yep, they don’t know the difference between RSA the company and RSA the algorithm.

Related Posts: On this day...

Reader Feedback

One Response to “RSA encryption has not been broken”

Leave a Reply

You must be logged in to post a comment.