#RIPRSA – A new algorithm can potentially destroy RSA
- This author does not have any more posts.
Fast Factoring Integers by SVP Algorithms “destroys RSA”
The new SLV algorithm has paved the way to crack the world’s strongest encryption techniques RSA
If it is true and gets implement to practical use before the current pandemic ends, it will open up another pandemic. This is going to challenge the entire digital system and possibly break all the security system which we aware of to this date.
What is RSA encryption?
Let’s say you want to tell your friend a secret. If you’re right next to them, you can just whisper it. If you are on opposite sides of the country, that obviously won’t work. You could write it down and mail it to them, or use the phone, but each of these communication channels is insecure and anyone with strong enough motivation could easily intercept the message.
If the secret was important enough, you wouldn’t risk writing it down normally–spies or a rogue postal employee could be looking through your mail. Likewise, someone could be tapping your phone without your knowledge and logging every single call you make.
One solution to prevent eavesdroppers from accessing message contents is to encrypt it. This means to add a code to the message which changes it into a jumbled mess. If your code is sufficiently complex, then the only people who will be able to access the original message are those who have access to the code.
If you had a chance to share the code with your friend beforehand, then either of you can send an encrypted message at any time, knowing that you two are the only ones with the ability to read the message contents. But what if you didn’t have a chance to share the code beforehand?
This is one of the fundamental problems of cryptography, which has been addressed by public-key encryption schemes like RSA.
Under RSA encryption, messages are encrypted with a code called a public key, which can be shared openly. Due to some distinct mathematical properties of the RSA algorithm, once a message has been encrypted with the public key, it can only be decrypted by another key, known as the private key. Each RSA user has a key pair consisting of their public and private keys. As the name suggests, the private key must be kept secret.
RSA is useful for communicating in situations where there has been no opportunity to safely distribute keys beforehand.
Where is RSA encryption used?
RSA encryption is often used in combination with other encryption schemes, or for digital signatures which can prove the authenticity and integrity of a message. It isn’t generally used to encrypt entire messages or files, because it is less efficient and more resource-heavy than symmetric-key encryption.
To make things more efficient, a file will generally be encrypted with a symmetric-key algorithm, and then the symmetric key will be encrypted with RSA encryption. Under this process, only an entity that has access to the RSA private key will be able to decrypt the symmetric key.
Without being able to access the symmetric key, the original file can’t be decrypted. This method can be used to keep messages and files secure, without taking too long or consuming too many computational resources.
As one of the first widely used public-key encryption schemes, RSA laid the foundations for much of our secure communications. It was traditionally used in TLS and was also the original algorithm used in PGP encryption. RSA is still seen in a range of web browsers, email, VPNs, chat, and other communication channels.
RSA is also often used to make secure connections on the Internet, between VPN clients and VPN servers. Under protocols like OpenVPN, TLS handshakes can use the RSA algorithm to exchange keys and establish a secure channel.
Why do we need to worry if RSA is broken?
A great deal here would depend on how and to what degree it was broken. The Internet would probably collapse until all of its protocols could be re-designed.
You would probably not be able to verify websites or encrypt your traffic.
When you want to know whether a website is legitimate, you have to check the certificate. These certificates are signed with the RSA key of a certificate authority. If someone found a practical way to forge RSA signatures, then you wouldn’t be able to verify any site that you visit.
Also, RSA is one of the available encryption algorithms for the Transport Layer Security protocol (or TLS). Every time you log in to a website, your password is encrypted using this protocol. So someone who could break RSA might be able to steal your passwords.
Other available encryption methods can be used in TLS. But if RSA were broken, the others likely would be as well.
Is it the end or just the beginning of the new challenges to cryptography?
Cryptography is an evolving field. We have always faced new challenges and we figure out what is next in our human evolution. We will find the next strong crypto algorithm which will take years to break. Often that doesn’t mean that we will have a foolproof solution but the devices in that generation will wait for a decade for a new generation to come and to be broken. We will play the catch up came with one after another.
Things to remind while developing any cryptography is to assume for the worst… Always build your security more than you need and keep it as a thumb rule. When unexpected things happen you will be happy that you did prepare for the worst.
#RSA #destroysRSA #SVPAlgorithm #information_security #RIPRSA #InternetSecurity #SSL #TLS