Researches Find RSA Security Hole
RSA security is the de facto technology used to protect pretty much everything, including web servers and smartphones. Theoretically, it's a bear to bypass, requiring an obscene amount of time and computing power to crack 1,024-bit private keys. The thinking has always been that unless you guess the key, you just aren't breaching the security.
Not so much anymore, at least according to three University of Michigan computer scientists. Turns out that RSA authentication is susceptible to voltage changes applied to the private key holder, Network World is reporting.
Researchers have published a paper showing that by varying current to a secured computer, they were able to figure out a 1,024-bit private key in only 100 hours, without leaving any trace of doing so.
The good news? They've also published a solution to the problem that involves randomly juggling the private key's digits.