Data Security, Encryption, Incident Response, Malware, TDR

Backdoor threatens Diffie-Hillman encryption used in hundreds of millions of messages

It took two months, but employing as many as 3,000 CPUs, researchers have found a way to place backdoors in the cryptographic keys that protect websites, virtual private networks and internet servers, according to Ars Technica.

By injecting the undetectable backdoor in the 1,024-bit keys used in the Diffie-Hellman key exchange, hackers would be able to "decrypt hundreds of millions of encrypted communications as well as cryptographically impersonate key owners," the article stated

Once believed impenetrable because of its use of large prime numbers, researchers devised a special prime that made the process easier. The implication is that actors looking to decrypt communications might now have a way to unscramble the discrete logarithm.

"We are showing that trapdoored primes that would allow an adversary to efficiently break 1,024-bit keys are completely feasible," Nadia Heninger, one of the researchers at the University of Pennsylvania participating in the study, told Ars.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.