Millions of computers running the RSA security standard to enrycpt data could be vulnerable to hacking attacks following the discovery of a flaw in a popular microprocessor by one of the RSA standard's founders.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Adi Shamir - the "S" in RSA - revealed a mathematical error which would make it possible for an attacker to break the protection of public key cryptography when used against a well-known and widely used make of microprocessor.
Mr Shamir wrote in a research note that if an intelligence organisation discovered the error in the widely used chip, then security software on a PC with that chip could be "trivially broken with a single chosen message".
"Millions of PCs can be attacked simultaneously, without having to manipulate the operating environment of each one of them individually", said Shamir.
He wrote that the increasing complexity of modern microprocessor chips was almost certain to lead to undetected errors and that because the exact design of chips were kept as trade secrets, it would be difficult to verify how many different versions of this chip contained the error.
Using RSA, a message is encrypted using a publicly known number and then unscrambled with a secret one. The technology makes it possible to exchange information securely, and is used in secure web transactions.
An attack would require knowledge only of the flaw - initiated by inputting a mathematical error - and the ability to send a "poisoned" encrypted message to a protected computer. It would then be possible to compute the value of the secret key used by the targeted system.
Mr Shamir has said he had no evidence that anyone was using an attack of the kind he had described.