[45137] in Cypherpunks
*fnord* "Encryption Flaw Rattles Security Industry *fnord*
daemon@ATHENA.MIT.EDU (anonymous-remailer@shell.portal.co)
Mon Dec 11 01:47:03 1995
Date: Sun, 10 Dec 1995 22:34:39 -0800
To: cypherpunks@toad.com
From: anonymous-remailer@shell.portal.com
"Encryption Flaw Rattles Comuter Security Industry"
SAN FRANCISCO - The discovery of a vulvnerability has shaken
the computer world's faith in the safe use of the data-security
technologies on which most current and planned electronic
banking, shopping and "digital cash" systems are based.
The vulnerability has been found in a class of technologies
known as public-key encryption - designed to provide electronic
transactions by scrambling data so they can be read only by
people with the proper mathematical keys to the code.
The flaw was identified by Paul C. Kocher, a 22-year-old
researcher, who demonstrated a way that an electronic
eavesdropper who is able to monitor the repeated process
of unscrambling the incoming messages could figure out the private key. It can be done by repeatedly keeping track
of the precise length of time it takes to unscramble each
message.
--From TimesFax, Mon. Dec. 11 Internet Edition
