Feeds

128-bit crypto scheme allegedly cracked in two hours

Boffins splat 'supersingular curve' crypto

Internet Security Threat Report 2014

Crypto researchers are preparing to scatter the ashes of a class of Discrete Logarithm Problems (DLPs) as the future of security, following a claim by Swiss researchers to have cracked a 128-bit crypto scheme in two hours.

So as not to frighten the horses, The Register will start by pointing out that our understanding of this paper at Arxiv doesn't mean the schemes you're now using have been broken. Rather, the work by researchers at EPFL in Switzerland excludes crypto based on “supersingular curves” from future consideration.

As the Lausanne-based polytechnic states in its media release, “Whereas it was believed that it would take 40,000 times the age of the universe for all computers on the planet to do it”, the supersingular curve DLP algorithm only lasted two hours on the 24-core cluster used to crack it.

Authored by Robert Granger and Thorsten Kleinjung of EPFL's LACAL (Laboratory for Cryptologic Algorithms) and Jens Zumbrägel of TU Dresden, the paper says this about the cracking of supersingular curves:

“When initially proposed, these fields were believed to be 128-bit secure, and even in light of the recent algorithmic advances, were believed to be 128-bit and 94.6-bit secure. On the contrary, we have shown that the former field has only59 bits of security and we have implemented a total break of the latter. Since asymptotically more efficient techniques can be brought to bear as bit lengths increase, we conclude that small characteristic pairings at all security levels should now be regarded as completely insecure.”

Their results are to be presented at IACR Crypto 2014 conference. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
UK smart meters arrive in 2020. Hackers have ALREADY found a flaw
Energy summit bods warned of free energy bonanza
DRUPAL-OPCALYPSE! Devs say best assume your CMS is owned
SQLi hole was hit hard, fast, and before most admins knew it needed patching
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Mozilla releases geolocating WiFi sniffer for Android
As if the civilians who never change access point passwords will ever opt out of this one
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
Reducing the cost and complexity of web vulnerability management
How using vulnerability assessments to identify exploitable weaknesses and take corrective action can reduce the risk of hackers finding your site and attacking it.