Actu
Origin Storage: Time for multi-factor security on portable data as 768-bit RSA encryption cracked
January 2010 by Origin Storage
Hard on the heels that the GSM A5/1 encryption system has been cracked (http://bit.ly/4KgwT7) comes reports that a second crypto system - 768-bit RSA - has now been hung out to dry using a cluster PC brute force approach http://bit.ly/7xmqco
Weekend news that the 768-bit RSA encryption has been cracked - generating a huge five terabyte password file in the process - was met with a sanguine response from Origin Storage.
"Cracking this crypto system using a 2.2GHz Opteron processor-based PC would reportedly have taken around 1,500 years, but the process has been dramatically speeded up using distributed computer resources and cluster PC approach," said Andy Cordial, managing director with the storage systems integration specialist.
"Whilst this crypto cracking feat is impressive, it highlights the fact that the days of relying on encryption alone as a means of defending private data are now drawing to a close," he added.
According to Cordial, the use of a PIN-based protection - and even biometric authentication - alongside a fully encrypted drive is now the logical choice for companies wanting to protect sensitive data from prying eyes.
Now that a 768-bit RSA crypto decryption table has been produced, Origin’s MD says that organisations can no longer be expect their encrypted data to be secure from anyone equipped with a RAID-driven high-powered PC.
And, he explained, it’s even conceivable that a regulator at some stage in the future may take a dim view of, say, a bank claiming that its encryption system is sufficient to protect customer data - especially in a mobile situation - from prying eyes.
We are, said Cordial, rapidly reaching the stage where a single layer of protection for data is starting to become about as effective as a chocolate teapot against high-powered crypto hackers.
"And since biometric-enhanced encryption systems are still relatively expensive, the logical choice is a PIN/password-enhanced external encrypted drive such as our DataLocker range (http://bit.ly/2vb6y9), which uses a hardware based AES/CBC encryption chip, backed up by an onboard PIN/password unit," he said.
"At the very least, this will allow the CEO or chairman to put his/her hand on heart and say the company’s data is secure whilst in transit from one place to another. That’s a claim you can’t truly make any more with single factor encryption," he added.
