Em tempos recordo-me de ter ouvido rumores acerca da cifra RSA ter sido partida, e por tal não ser agora um sistema de cifragem segura e n coisas que se falam e falam, e depois são contadas e passam.
Ao longo deste ano aprofundei um pouco o sistema de cifra assimética, concretamente tendo estado a implementar academicamente um exemplo de cifra assimética com RSA.
Fig: Exemplo de cifragem assimétrica usando o algoritmo RSA – fonte: Cryptography and Network Security” (W. Stallings)
Hoje voltou a cruzar-se no meu caminho. Assim decidi investigar se afinal tinha ou não sido “breaked” para uma questão de fundamentar a minha opinião, mas segundo o Bruce Schneier não, não o foi : “It does not. At best, it’s an improvement in factoring — and I’m not sure it’s even that. The paper is a preprint: it hasn’t been peer reviewed. Be careful taking its claims at face value.“
Se o Bruce Schneier o diz, eu acredito 🙂
Nota explicativa para quem tenha interesse: RSA (Rivest–Shamir–Adleman) is a public-key cryptosystem that is widely used for secure data transmission. It is also one of the oldest. The acronym “RSA” comes from the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who publicly described the algorithm in 1977.
In a public-key cryptosystem, the encryption key is public and distinct from the decryption key, which is kept secret (private). An RSA user creates and publishes a public key based on two large prime numbers, along with an auxiliary value. The prime numbers are kept secret. Messages can be encrypted by anyone, via the public key, but can only be decoded by someone who knows the prime numbers.[2]
The security of RSA relies on the practical difficulty of factoring the product of two large prime numbers, the “factoring problem“. Breaking RSA encryption is known as the RSA problem. Whether it is as difficult as the factoring problem is an open question.[3] There are no published methods to defeat the system if a large enough key is used.
RSA is a relatively slow algorithm. Because of this, it is not commonly used to directly encrypt user data. More often, RSA is used to transmit shared keys for symmetric-key cryptography, which are then used for bulk encryption–decryption.
– Source Wikipedia