Short keys not up to the job...
By Pia Heikkila
Published: 15 April 2002 16:39 GMT
Companies are being warned to stop using short encryption keys as their only measure of protection against hackers.
The most well-known application of short encryption is the Secure Sockets Layer (SSL) protocol, which is commonly used to protect internet transmissions.
But UK encryption specialist nCipher has now warned companies that the short key used in an SSL session could leave networks prone to hack attacks.
nCipher said in a paper entitled The Risk of Short RSA keys for Secure Communications using SSL: "If the RSA key used at the start of secure sessions is compromised, the results could be a devastating attack to the victim. With the increase in computer power over the last few years, the means to carry out such an attack are within reach of a determined and technically competent attacker.
"Given this, the use of short (512-bit) RSA keys for SSL should be abandoned in favour of longer keys. In countries where short keys have been widely used for regulatory reasons, internet commerce over a high proportion of sites should not be regarded as secure."
SSL VPNs. ENCRYPTION including Perimeter and NETWORK ACESS CONTROL Understands SERVER ENVIRONMENT TESTING and SCALEABLE NETWORKS ...
JOB TITLE: UK Sales Executive-Disk Encryption & Data Protection Sales SELLING: Disk Encryption and Data Protection SELLING TO: Enterprise and Mid ...
Basic awareness of computer based network attack scenarios.Desirable Experience: Detailed understanding of networking protocols. Moderate awareness ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Is Your Enterprise Architected for Tomorrow's Growth?
Improving IT service delivery through an integrated approach to software asset management...
TechRepublic Resource Guide: Software as a Service (SaaS) for Small and Midsize Businesses...
Download a Free Trial of SmartDraw: Learn why SmartDraw is the ideal alternative...
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy