Information Security News mailing list archives
Pinoy math enthusiast finds fast way to decode RSA encryption
From: William Knowles <wk () C4I ORG>
Date: Sun, 4 Feb 2001 00:22:26 -0600
http://www.mb.com.ph/INFO/2001-02/IT020201.asp [How truthful this is is anyones guess, But I have a feeling we all will being hearing about Leo de Velez in the days and weeks to come, and I can only imagine what will happen to the whole computer security world if this is as easy and simple as he claims. - WK] By EDU H. LOPEZ Friday, 2 February 2001 A Filipino mathematics enthusiast has developed a new method of decoding RSA (RivestShamir-Adleman) encryption using three simple formulas. Leo de Velez has discovered these three formulas are simple forward equations that allow fast decoding of RSA encryption. RSA is an Internet encryption and authentication system that uses an algorithm developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. The RSA algorithm is the most commonly used encryption and authentication algorithm and is included as part of the Web browser from Netscape and Microsoft. It's also part of Lotus Notes, Intuit's Quicken, and many other products. The encryption system is owned by RSA Security. The company licenses the algorithm technologies and also sells development kits. The technologies are part of existing or proposed Web, Internet, and computing standards. Here's how the RSA system works. The mathematical details of the algorithm used in obtaining the public and private keys are available at the RSA Web site. Briefly, the algorithm involves multiplying two large prime numbers (a prime number is a number divisible only by that number and through additional operations deriving a set of two numbers that constitutes the public key and another set that is the private key. Once the keys have been developed, the original prime numbers are no longer important and can be discarded. Both the public and the private keys are needed for encryption/decryption but only the owner of a private key ever needs to know it. Using the RSA system, the private key never needs to be sent across the Internet. The private key is used to decrypt text that has been encrypted with the public key. Thus, if I send you a message, I can find out your public key (but not your private key) from a central administrator and encrypt a message to you using your public key. When you receive it, you decrypt it with your private key. In addition to encrypting messages (which ensures privacy), you can authenticate yourself to me (so I know that it is really you who sent the message) by using your private key to encrypt a digital certificate. When I receive it, I can use your public key to decrypt it. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Pinoy math enthusiast finds fast way to decode RSA encryption William Knowles (Feb 03)