The encryption systems used to secure online bank accounts and keep critical communications private could be undone in just a few years, security researchers warned at the Black Hat conference in Las Vegas yesterday. Breakthroughs in math research made in the past six months could underpin practical, fast ways to decode encrypted data that’s considered unbreakable today, reports Technology Review..
Alex Stamos, chief technology officer of the online security company Artemis, led a presentation describing how he and three other security researchers studied recent publications from the insular world of academic cryptopgraphy research, which covers trends in attacking common encryption schemes.
“Our conclusion is there is a small but definite chance that RSA and classic Diffie-Hellman will not be usable for encryption purposes in four to five years,” said Stamos, referring to the two most commonly used encryption methods.
Any hints that those methods could be undermined must be taken seriously, said Stamos. They are used to protect banking, online commerce, and e-mail, as well as the mechanisms that ensure that updates downloaded by operating systems such as Windows and OSX are genuine. The result of the two encryption methods being broken would be, said Stamos, “a total failure of trust on the Internet.”
RSA and Diffie-Hellman encryption are both underpinned by a mathematical challenge known as the discrete logarithm problem. That problem is computationally difficult to solve, ensuring that encrypted data can only be decoded quickly with knowledge of the secret key used to encode it in the first place. Breaking RSA or Diffie-Hellman encryption today requires using vast computing resources for significant periods of time.
However, it is possible that algorithms able to solve the discrete logarithm problem quickly could exist. “We rely on that efficient algorithm not being found,” said Jarved Samuel, a cryptographer who works for security consultancy ISEC Partners and presented alongside Stamos. “If it is found the cryptosystem is broken.”
Earlier this year, French academic Antoine Joux published two papers that suggest such an algorithm could be found before long. “This is a big deal, since there was marginal progress for 25 years,” said Samuel. “This will spur researchers into looking more closely at the problem and most likely result in more progress.”
One reason to believe that progress will be swift, says Samuel, is that Joux’s advances weren’t based on inventing completely new techniques. Rather, he applied known tricks that hadn’t previously been used on this specific problem. Beating RSA encryption would take a little more additional work, Samuel notes, because it relies less directly on the discrete log problem than Diffie-Hellman encryption does.
However, Stamos believes that once a mathematician publishes a good enough technique, it would quickly be used in online attacks. “Joux or one of these guys could have a breakthrough, throw it onto the crypto mailing lists, and a practical implementation could be worked out in a day or two,” he said.
But there may be a safe option for now:
Stamos called on the security industry to think about how to move away from Diffie-Hellman and RSA, and specifically to use an alternative known as elliptic curve cryptography (ECC), which is significantly younger but relies on more intractable mathematical challenges to secure encrypted data.
The scary part is the NSA is urging movement towards ECC, which suggests they may know how to get around that:
The U.S. National Security Agency has for years recommended ECC as the most reliable cryptographic protection available. In 2005 the agency released a toolkit called SuiteB featuring encryption algorithms to be used to protect government information. SuiteB makes use of ECC and eschews RSA and Diffie-Hellman. A classified encryption toolkit, SuiteA, is used internally by the NSA and is also believed to be based on ECC.