The Factor Circumstance


News, via Dan Goodin, writing at our beloved ArsTechnica, detailing an enormous factorization flaw within Infeneon-based 2048-bit RSA keys tied to a widening number of encryption products worldwide. The implications are equally enormous. H/T

‘The researchers who uncovered the Infineon library flaw questioned whether the secrecy required by some of the certification process played a role. They wrote: Our work highlights the dangers of keeping the design secret and the implementation closed-source, even if both are thoroughly analyzed and certified by experts. The lack of public information causes a delay in the discovery of flaws (and hinders the process of checking for them), thereby increasing the number of already deployed and affected devices at the time of detection.’ – via Dan Goodin at ArsTechnica


*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: