Search the Community
Showing results for tags 'rsa'.
Emmanuel Thomé and his colleagues at the National Institute for Research in Computer Science and Automation (Inria) have cracked the largest key so far. The team factored RSA-240, an RSA key with 240 decimal digits. The total computing time took was equivalent to a single computer core running for almost 4000 years. https://www.newscientist.com/article/2226458-number-crunchers-set-new-record-for-cracking-online-encryption-keys/ https://www.popularmechanics.com/science/math/a30149512/longest-encryption-ever-cracked/ https://www.darkreading.com/vulnerabilities---threats/scientists-break-largest-encryption-key-yet-with-brute-force/d/d-id/1336560
A vulnerability in RSA encryption affects about 3% of all web servers including leading web sites such as Facebook and PayPal. In 1998 Daniel Bleichenbacher, a Swiss cryptographer, identified a problem with the implementation of RSA PKCS #1 v1.5 and it was never fully fixed. Hanno Böck, Juraj Somorovsky, and Craig Young discovered the flaw, to be known as ROBOT, which stands for Return Of Bleichenbacher’s Oracle Threat. It can be used to exploit servers running older ciphers. Servers that are vulnerable to a DROWN attack, forcing a downgrade to older ciphers, are also vulnerable. The researchers recommend to fully deprecate RSA encryption based key exchanges in TLS (ciphers that start with TLS_RSA). Further information is available from https://eprint.iacr.org/2017/1189.pdf
ProtonMail has re-opened free registration for the first time since it was launched back in May 2014. ProtonMail wants to keep new membership open for as long as they can sustain it. They don’t make money from advertising, only from donations or people paying for the service. Messages remain in an encrypted format when they are transmitted between their servers and the end-user’s device. The ProtonMail mail service uses AES, RSA, and OpenPGP. To get an encrypted email account visit https://protonmail.com/
Davemail is available on GitHub. It offers a decentralised, encrypted, anonymous, offline messaging platform for git. Using the git distributed version control system for encrypted messaging, as an alternative to SMTP. Data is stored in json format with user data separated from the encrypted message data. The json data is open source and decentralised using git. RSA keys are generated deterministically so it is possible to restore long private keys using a strong and memorable passphrase.