Parallel Algorithm Leads to Crypto Breakthrough

Parallel Algorithm Leads to Crypto Breakthrough [via]

Dr. Dobbs reports that a cracking algorithm using brute force methods can analyze the entire DES 56-bit keyspace with a throughput of over 280 billion keys per second, the highest-known benchmark speeds for 56-bit DES decryption and can accomplish a key recovery that would take years to perform on a PC, even with GPU acceleration, in less than three days using a single, hardware-accelerated server with a cluster of 176 FPGAs. The massively parallel algorithm iteratively decrypts fixed-size blocks of data to find keys that decrypt into ASCII numbers. Candidate keys that are found in this way can then be more thoroughly tested to determine which candidate key is correct.

Tech companies step in to help raise funds for Bletchley Park

CNET News: PGP, IBM help Bletchley Park raise funds

A campaign will be launched on Tuesday to ask U.S. tech companies to help save Bletchley Park, whose wartime work helped lay the foundations of modern computing and crytography.

The fund-raising campaign will be led by cryptography provider PGP, together with IBM and other technology firms. Phil Dunkelberger, chief executive of PGP, told ZDNet UK in a video interview that the group of companies would be making donations to repair the buildings at Bletchley Park, including the National Museum of Computing, and would be calling for other organizations to get involved.

[via]

A new way to think about data encryption

Ars Technica: A new way to think about data encryption: two-level keys

Current encryption methods are far from perfect—a fact highlighted by the numerous data security breaches that have occurred over the past few years. Technological limitations in the “trusted server” model for encryption and psychological barriers hinder the robust protection of data. A trio of computer science researchers has set out to simplify encryption systems. Their research, which began in 2005, has led to a novel encryption system that they term “functional encryption” greatly simplifies the problem of key complexity.

In a functional encryption system, keys are personalized and only one is needed for a person to gain access to all the data that should be available to them. In addition to simplifying the key process, this idea allows users—with proper access rights—to search encrypted volumes for specific information.

For the mathematically inclined the published research paper.

Confidential Home Office CD found hidden in laptop sold on eBay

BBC News: Home Office CD in auction laptop

A highly confidential Home Office disk was found hidden in a laptop computer sold on eBay.

The CD was found between the keyboard and circuit board of the laptop by computer repair technicians in Westhoughton, near Bolton.

This is an odd story because it is a mystery how it would end up being hidden inside the laptop. However it’s not all bad news because unlike other recent security lapses in this case the repair technicians discovered that the data on the CD had been encrypted.

Exploit of DRAM vulnerability leads to attack vector on disk encryption

Ed Felten and his colleagues have released an amazing research result which leads to an attack on hard disk encryption systems such as TrueCrypt, BitLocker and FileVault. Through the process of rapidly reducing the temperature of the memory chips in a computer they can extract the data contained within which would include the encryption key neccessary to decrypt the computer’s hard drive. [via]

Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials.

This is a very interesting piece of research but I don’t believe that it actually yields a practicable attack on hard disk encryption as long as the user maintains control of their computer in the thirty seconds or less following shutdown.

Just make sure that you don’t leave your laptop laying around whilst in sleep mode or locked by a screensaver password, but a user with enough security sense to have hard disk encryption on there computer is unlikely to do that anyway.

Declan McCullagh gives his analysis of the research in this article Disk encryption may not be secure enough, new research finds.