CNET también está disponible en español.

Ir a español

Don't show this again

Internet

New Online Security Flaw Emerges

Essentially, Kocher found that a computer miscreant could eavesdrop on data traffic and, by monitoring and timing incoming messages, could break private keys. Public key encryption technology uses a dual code system that scrambles data so that it can be read by only those with the proper keys. By observing thousands of entries and timing each one, a cracker could eventually pare the possible combinations and break the key. While this weakness has always been recognized, Kocher's paper asserts that this break-in method could be used in a short span of time. During that time a cracker could siphon credit card numbers or other sensitive information.

While cryptography experts agreed that Kocher's flaw could be troublesome, officials from RSA Data Security said it would be simple to remedy. One solution would be to pad the elapsed time of the unscrambling process.