ANN ARBOR, Mich., March 4 (UPI) -- U.S. scientists say they've discovered a weakness in the most common digital security algorithm used to protect media copyright and Internet communications.
University of Michigan researchers said the RSA algorithm is used in media players, laptop computers, smartphones, servers and other electronic devices. It's also used to ensure the safety of customers' online information.
The researchers, co-led by Associate Professor Valeria Bertacco, said they found they could foil the security system by varying the voltage supply to the holder of the "private key.
"The RSA algorithm gives security under the assumption that as long as the private key is private, you can't break in unless you guess it. We've shown that that's not true," said Bertacco, explaining the private keys contain more than 1,000 digits of binary code. To guess a number that large would take longer than the age of the universe, the scientist said.
Using their voltage tweaking scheme, the researchers were able to extract the private key in approximately 100 hours.
"RSA authentication is so popular because it was thought to be so secure," said Professor Todd Austin, who co-led the study. "Our work redefines the level of security it offers. It lowers the safety assurance by a significant amount."
Doctoral student Andrea Pellegrini is to present the research in Dresden, Germany, Wednesday during the Design, Automation and Test in Europe conference.
|Additional Science News Stories|
WASHINGTON, June 19 (UPI) --U.S. Senate Republicans are criticizing the Internal Revenue Service for plans to pay $70 million in bonuses officials say may be contractually required.
COLLEGE PARK, Md., June 19 (UPI) --University of Maryland scientists say they've developed an environmentally friendly battery that uses wood as its backbone.