Encryption bug

You know how when you go to a website and the URL begins with “https?” That “s” stands for “secure” and that security comes from encryption technology that makes sites safe. Encryption is the reason for the term Cyber Monday, and it’s why online sales have gone bananas over the last 5-10 years. The technology is based on hiding, or encrypting, your information as it goes from your computer into the web and back, and it uses a series randomly generated, prime numbers to do the hiding. Researchers have just discovered, however, that those random numbers can be reproduced.

 

From the New York Times:

For the system to provide security, however, it is essential that the secret prime numbers be generated randomly. The researchers discovered that in a small but significant number of cases, the random number generation system failed to work correctly.
The importance in ensuring that encryption systems do not have undetected flaws cannot be overstated. The modern world’s online commerce system rests entirely on the secrecy afforded by the public key cryptographic infrastructure.

Let’s be clear: this doesn’t mean you should set fire to your computer and start using coffee beans to barter with your neighbor. The chances of someone finding one of these un-encrypted string of number is minuscule. The bigger threat is to our trust. If we, as email senders and buyers of online stuff, know that there’s a chance, even a mouse hair’s chance, that what we’re sending out to the web is not secure, we may choose to stop treating the web as a trusting friend.

About the author

Marc Sanchez is the technical director and associate producer for Marketplace Tech Report where he is responsible for shaping the sound of the show.

Comments

I agree to American Public Media's Terms and Conditions.
With Generous Support From...