RSA Is Dead — We Just Haven’t Accepted It Yet (via Qpute.com)


Lila Kee is the General Manager for GlobalSign’s North and South American operations, as well as the company’s Chief Product Officer.

One of the biggest features of the internet is that it’s constantly evolving at an unbelievable pace. You can’t keep track of time in decades, or even years sometimes, when it comes to the web. The friendly AOL voice that used to greet us with, “You’ve got mail,” now feels like an ancient relic. Nobody has seen Jeeves in years.

So why is the internet still overleveraging a cryptosystem that is coming up on 45 years old?

In the mid-1970s, as computer scientists and mathematicians rushed to find a viable public key cryptosystem, two emerged: Diffie-Hellman and RSA. The internet equivalents of the Beatles and the Stones. While Diffie-Hellman bowed out like the Beatles and has now found new life in a new generation of elliptic curve approaches that were inspired by it, RSA is like the Stones, still touring well past its prime and begging the question, “Should we still let them be going out there?”

RSA isn’t broken just yet, but it’s definitely vulnerable. In fact, over the past few years, a stream of papers detailing ways to assault RSA has been released at a fairly steady pace. Yet, as we discuss concepts like crypto-agility and hurtle full speed into post-quantum cryptosystems, companies and organizations around the world continue to overleverage RSA across their networks.

It’s time to sunset RSA.

RSA has two very critical functions that it currently serves on the modern internet. Over 90% of internet connections begin using RSA as a part of the SSL handshake. This is a critical touch point where an attack could compromise the entire session, rendering all communication between the website and the visitor readable and exploitable — think personal info, financial data, medical records, intellectual property, etc.

The second equally important function is creating cryptographic digital signatures. We use these for a litany of things, from authenticating emails and documents to signing software and firmware updates. When a file or program is digitally signed, your computer and mobile devices are designed to trust it. Obviously, this would be another potentially catastrophic touch point to have your cryptosystem fail you.

So, what’s the problem with RSA? It’s twofold.

Let’s start with the key itself. We use longer, more secure keys for things like digital signatures and handshakes because they’re harder to crack. A cryptographic key, in its most basic form, is just a string of 1s and 0s. The average RSA key is 2048 bits: 2,048 1s and 0s in a sequence. Cracking a key means guessing its value. This becomes exponentially more difficult as the key gets longer.

As modern computers and crypto-breaking techniques improve, the keys necessarily need to get longer to maintain their security. One 2012 paper using a purposely concealed technique called triple logarithmic factoring was able to grab around 6 million public keys and crack around 13,000 of them over 13 hours of computing. That’s less than 99.8% security. Scoff all you want, but that’s not an acceptable number.

The problem with RSA is that as these keys get longer, the increase in security isn’t commensurate with the increase in computational power it takes to use them. It’s just not sustainable. The CA/B Forum just mandated that keys used for signing software must now be at least 3072 bits in length if you’re using RSA. That will hold for now, but we’re reaching the limits once we hit 4,096.
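The scaling argument can be put into numbers. The following is an added example, not part of the original article: it estimates RSA strength from the number field sieve cost heuristic and sets it beside the relative cost of a private-key operation. The formula, the cubic cost model and the rule that an elliptic curve key is about twice the target strength are assumptions of this sketch, not figures from the article.

```python
import math

def rsa_strength_bits(modulus_bits):
    """Estimated symmetric-equivalent strength of an RSA modulus.

    Assumption: the number field sieve cost heuristic used in NIST's
    FIPS 140-2 Implementation Guidance; an estimate, not a guarantee.
    """
    ln_n = modulus_bits * math.log(2)
    work = 1.923 * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3) - 4.69
    return work / math.log(2)

def private_op_cost(modulus_bits, baseline_bits=2048):
    """Relative cost of a private-key operation.

    Assumption: schoolbook modular exponentiation, cost grows as bits**3.
    """
    return (modulus_bits / baseline_bits) ** 3

def min_modulus_for(target_bits, step=256):
    """Smallest modulus size (a multiple of `step`) that reaches the target."""
    size = step
    while rsa_strength_bits(size) < target_bits:
        size += step
    return size

def scaling_table(sizes=(2048, 3072, 4096, 8192)):
    """Rows of (modulus bits, estimated strength, cost relative to 2048)."""
    return [(b, round(rsa_strength_bits(b), 1), private_op_cost(b)) for b in sizes]

if __name__ == "__main__":
    for bits, strength, cost in scaling_table():
        print(f"RSA-{bits}: ~{strength} bits of strength, {cost:.1f}x private-key cost")
    for target in (128, 192):
        print(f"{target}-bit target: RSA-{min_modulus_for(target)} "
              f"vs a {2 * target}-bit elliptic curve key")
```

Under these assumptions, doubling the modulus from 2048 to 4096 bits multiplies the private-key cost by eight while the estimated strength grows by well under half.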

The second issue with RSA, beyond the problems with scaling, is lazy implementation. In order to generate keys, RSA uses something called a Cryptographically Secure Pseudorandom Number Generator (CSPRNG) to create seeds. These seeds are supposed to be random. They are not. They use algorithms, which are fallible. Also, many organizations and companies use the same CSPRNGs configured in the same ways. That means RSA keys are a whole lot less random than many of us would like to believe.

In fact, RSA seeding is one of the easiest places for law enforcement or a malicious third party to focus on inserting a back door. If you can discern the seeds, cracking the keys becomes far easier. Now think about the fact you have multinational companies that are using the same CSPRNGs, configured the same way, using the same algorithms and seed ranges, and “time bomb” begins to creep into the back of your mind.
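The seeding concern can be checked in a key inventory. The following is an added example, not part of the original article: it shows that a generator started from the same seed yields the same modulus, and audits a constructed fleet for moduli that appear on more than one host. The host names, the boot-counter seeds, the toy 64-bit moduli and the use of `random.Random` as a stand-in for a poorly seeded generator are all assumptions of this sketch.

```python
import hashlib
import math
import random
import secrets
from collections import defaultdict

def is_prime(n):
    """Trial division; adequate only for the toy 32-bit primes used here."""
    return n > 1 and all(n % d for d in range(2, math.isqrt(n) + 1))

def toy_modulus(seed, prime_bits=32):
    """Toy RSA modulus. random.Random stands in for a generator whose output
    is fully determined by its seed (NOT suitable for real keys)."""
    rng, primes = random.Random(seed), []
    while len(primes) < 2:
        # Force the top bit (full size) and the low bit (odd candidate).
        cand = rng.getrandbits(prime_bits) | (1 << (prime_bits - 1)) | 1
        if is_prime(cand) and cand not in primes:
            primes.append(cand)
    return primes[0] * primes[1]

def audit_inventory(inventory):
    """Return {fingerprint: [hosts]} for every modulus seen on more than one host."""
    groups = defaultdict(list)
    for host, n in inventory.items():
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        groups[hashlib.sha256(raw).hexdigest()[:16]].append(host)
    return {fp: hosts for fp, hosts in groups.items() if len(hosts) > 1}

def build_fleet():
    """Constructed inventory: edge hosts seeded from a small boot counter,
    core hosts seeded with 128 bits from the operating system."""
    fleet = {f"edge-{i:02d}": toy_modulus(s) for i, s in enumerate([1, 2, 1, 3, 2, 1], 1)}
    fleet.update({f"core-{i:02d}": toy_modulus(secrets.randbits(128)) for i in range(1, 4)})
    return fleet

if __name__ == "__main__":
    for fingerprint, hosts in audit_inventory(build_fleet()).items():
        print(f"modulus {fingerprint} shared by {', '.join(hosts)}")
```

Any group the audit reports means those hosts hold the same private key and should be rekeyed from a properly seeded source.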

RSA has been an incredible cryptosystem, elements of which will continue to live on in generations of future cryptosystems. But it’s also a dinosaur. It’s older than the current iteration of the World Wide Web itself. As business leaders in the security space, we need to start making a concerted effort to sunset RSA and ensure it’s not so heavily leveraged as the internet moves closer to quantum computing.

In fact, even if quantum computing weren’t just over the horizon, this is already a discussion we should have been having years ago. Elliptic curve systems and some of the other cryptosystems being minted as we speak provide greater security while also managing to be lighter and more agile, which means better performance in addition to an improved security posture.

And it means when the day finally comes that quantum computing is here, you’ll already be a few steps ahead of the competition. RSA is already dead. We just haven’t accepted it yet.




This is a syndicated post. Read the original post at Source link.