Encryption bug

Marc Sanchez Feb 15, 2012

You know how when you go to a website and the URL begins with “https?” That “s” stands for “secure” and that security comes from encryption technology that makes sites safe. Encryption is the reason for the term Cyber Monday, and it’s why online sales have gone bananas over the last 5-10 years. The technology is based on hiding, or encrypting, your information as it goes from your computer into the web and back, and it uses a series randomly generated, prime numbers to do the hiding. Researchers have just discovered, however, that those random numbers can be reproduced.


From the New York Times:

For the system to provide security, however, it is essential that the secret prime numbers be generated randomly. The researchers discovered that in a small but significant number of cases, the random number generation system failed to work correctly.
The importance in ensuring that encryption systems do not have undetected flaws cannot be overstated. The modern world’s online commerce system rests entirely on the secrecy afforded by the public key cryptographic infrastructure.

Let’s be clear: this doesn’t mean you should set fire to your computer and start using coffee beans to barter with your neighbor. The chances of someone finding one of these un-encrypted string of number is minuscule. The bigger threat is to our trust. If we, as email senders and buyers of online stuff, know that there’s a chance, even a mouse hair’s chance, that what we’re sending out to the web is not secure, we may choose to stop treating the web as a trusting friend.

As a nonprofit news organization, our future depends on listeners like you who believe in the power of public service journalism.

Your investment in Marketplace helps us remain paywall-free and ensures everyone has access to trustworthy, unbiased news and information, regardless of their ability to pay.

Donate today — in any amount — to become a Marketplace Investor. Now more than ever, your commitment makes a difference.