[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] RSA brushes off crypto research findings that RSA algorithm is flawed
By Ellen Messmer
February 16, 2012
After having its flagship RSA crypto system called flawed this week by
prominent researchers in a paper they made available online, EMC's RSA
security division struck back by saying the paper's results don't
indicate a fundamental flaw in the RSA algorithm but more likely a
problem with implementing it.
"On Feb. 14th, a research paper was submitted for publication stating
that an alleged flaw has been found in the RSA encryption algorithm,"
RSA said Thursday in a statement. "Our analysis confirms to us that the
data does not point to a flaw in the algorithm, but instead points to
the importance of proper implementation, especially regarding the
exploding number of embedded devices that are connected to the Internet
Ari Juels, chief scientist for RSA, told Network World that "the study
is useful" as it pertains to the "failures of crypto protocols during
random-number generation." But he faults its core idea that the RSA
algorithm is somehow fundamentally flawed.
"I'd say all cryptography relies on good true random-number generation.
And when that goes wrong, the protocol breaks," Juels says. He faults
the conclusions of the paper that there was something intrinsically
wrong with the RSA algorithm. The paper might have found that the RSA
algorithm "might be a little less robust than another one," but "it's
obviously not a problem with the RSA algorithm, it's the way the keys
Certified Ethical Hacker and CISSP training with Expanding Security gives
the best training and support.
Get a free live class invite weekly. Best program, best price.