Chinese Balloon Shot Down Galaxy S23 Ultra: Hands-On Netflix Password-Sharing Crackdown Super Bowl Ads Google's Answer to ChatGPT 'Knock at the Cabin' Review 'The Last of Us' Episode 4 Foods for Mental Health
Want CNET to notify you of price drops and the latest stories?
No, thank you
Accept

New Online Security Flaw Emerges

Essentially, Kocher found that a computer miscreant could eavesdrop on data traffic and, by monitoring and timing incoming messages, could break private keys. Public key encryption technology uses a dual code system that scrambles data so that it can be read by only those with the proper keys. By observing thousands of entries and timing each one, a cracker could eventually pare the possible combinations and break the key. While this weakness has always been recognized, Kocher's paper asserts that this break-in method could be used in a short span of time. During that time a cracker could siphon credit card numbers or other sensitive information.

While cryptography experts agreed that Kocher's flaw could be troublesome, officials from RSA Data Security said it would be simple to remedy. One solution would be to pad the elapsed time of the unscrambling process.