Short keys not up to the job...
By Pia Heikkila
Published: 15 April 2002 16:39 GMT
Companies are being warned to stop using short encryption keys as their only measure of protection against hackers.
The most well-known application of short encryption is the Secure Sockets Layer (SSL) protocol, which is commonly used to protect internet transmissions.
But UK encryption specialist nCipher has now warned companies that the short key used in an SSL session could leave networks prone to hack attacks.
nCipher said in a paper entitled The Risk of Short RSA keys for Secure Communications using SSL: "If the RSA key used at the start of secure sessions is compromised, the results could be a devastating attack to the victim. With the increase in computer power over the last few years, the means to carry out such an attack are within reach of a determined and technically competent attacker.
"Given this, the use of short (512-bit) RSA keys for SSL should be abandoned in favour of longer keys. In countries where short keys have been widely used for regulatory reasons, internet commerce over a high proportion of sites should not be regarded as secure."
These next-generation threats attack on multiple levels of the network infrastructure. CompanyMcAfee creates best-of-breed computer security ...
Keys technical skills are the knowledge of advanced load balancing scenarios using content switching. Cisco Layer 7 features such as URL parsing, ...
You will also be responsible for preparing training materials which can be delivered by management staff and undertake a briefing/train the trainer ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Nick Heath Your top HR tech priorities for next year revealed How to make human resources IT work for you
Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business