Math Problem in Computer Chip could Shake Global E-commerce

The RSA public key algorithm could be vulnerable to attack on account of a mathematical error, according to Prof. Adi Shamir at Israel-located Weizmann Institute of Science. Prof. Shamir jointly developed the RSA software with Leonard Adleman and Ronald Rivest in 1977. AHN reported this on November 18, 2007. The software safeguards e-commerce transactions from hacking attacks.

Prof. Shamir warns that in a hypothetical occurrence, an incorrect math calculation in the computer chip that has a wide usage could put the safety of world electronic commerce at risk, reported The New York Times.

An intricate math error could enable an attacker to penetrate protected electronic messages that avail their security from the public key cryptography technique. This approach helps to scramble a message with a number known to everyone and subsequently unscramble it with a secret private number.

The technology allows two people unknown to each other to send and receive information in a secured manner. This, in fact, is fundamental to the process of conducting e-transactions.

In his research note, Shamir said that the computer under target in the hypothetical attack could be securely located at a far distance where the attacker can't manipulate its operations to kick start a fault. But it is possible to simultaneously attack many computers without the need to craftily change the operational procedures of each machine.

Shamir said that there hadn't been anyone launching an attack similar to his but an obscure bug in the Pentium microprocessor of Intel was discovered long back in 1994 while more recently, a bug that multiplies itself was found in the Excel program of Microsoft.

Professor of cryptography research, Jean-Jacques Quisquater, at Belgium-based Universite Catholique de Louvain said that Shamir's note which describes RSA as potentially vulnerable is what makes the note remarkable. The New York Times reported this on November 17, 2007.

A spokesman for Intel pointed out that the vulnerability was only theoretical whose successful exploitation depended on too many possibilities. He said that even if Intel verified its multipliers' accuracy, other smaller microprocessors might not be as careful with their product's design.

Related article: Media Players Are Seriously Flawed

» SPAMfighter News - 11/30/2007