News | 11/19/2007 06:37 PM

Math Error Could Compromise Cryptographic Systems

The increasing sophistication of computer chip design raises the risk that undetected bugs could be used to crack public key encryption systems, security luminary Adi Shamir says.

A highly respected cryptographer warned on Friday that the increasing sophistication of computer chip design raises the risk that undetected bugs could be used to crack public key encryption systems.

The warning was issued by Adi Shamir, a professor at Israel's Weizmann Institute of Science. The "S" in RSA, one such public key encryption algorithm, belongs to Shamir.

"With the increasing word size and sophisticated optimizations of multiplication units in modern microprocessors, it becomes increasingly likely that they contain some undetected bugs," Shamir said in his note. "This was demonstrated by the accidental discovery of the obscure Pentium division bug in the mid-1990s, and by the recent discovery of a multiplication bug in the Microsoft Excel program."

Shamir goes on to warn that if some intelligence organization discovers the existence of such a flaw, or perhaps secretly plants one, then any public key encryption scheme on any computer can be "trivially broken with a single chosen message."

The notion of intelligence agencies influencing chip design to create a secret back door, or simply exploiting one that's already there, may sound like paranoia. But such worries sound less loopy given the questions that respected cryptographers like Bruce Schneier have raised about the origins of a recently discovered flaw in a random number generation algorithm backed by the National Security Agency and the National Institute of Standards and Technology, not to mention the escalating sophistication of cyberattacks in general.

Shamir likens this "bug attack" to a fault attack method described in 1996, which might involve, for example, using a sudden power spike to exploit an electrical device. The bug attack, however, appears to pose a theoretical risk of greater scope. It might allow millions of PCs to be attacked simultaneously.

While a major chip designer like Intel may have learned from previous design errors, Shamir says that smaller chip design companies may not be so meticulous. And the problem could extend beyond PCs to cell phones, which also may rely on vulnerable silicon.

"As we have demonstrated in this note, even a single (innocent or intentional) bug in any one of these multipliers can lead to a huge security disaster, which can be secretly exploited in an essentially undetectable way by a sophisticated intelligence organization," Shamir concludes.

Among cryptographers such risks are known. In a post to Google Groups about Shamir's note, Wei Dai, co-creator of the VMAC message authentication code and author of Crypto++, a free C++ class library of cryptographic algorithms, said that there are ways to protect against CPU math errors and that "the RSA implementation in Crypto++ is already protected against this attack..."
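The two paragraphs above describe the problem (a single wrong multiplication during a private-key operation, provoked by a chosen message) and hint at the defense (an implementation can protect itself against CPU math errors). The example below, written for this page and not taken from Shamir's note or from Crypto++, shows one standard countermeasure against faulty computations: an RSA-CRT signer that verifies its own output with the public exponent before releasing it. The key parameters are a constructed toy key, the "buggy multiplier" is a hypothetical stand-in that returns a wrong product for exactly one operand pair, and the `sign_checked` / `crt_sign_raw` / `make_buggy_mul` names are this example's own. The check is what matters: a faulty signature is withheld instead of handed to whoever asked for it, so the fault yields nothing to analyze.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple

# Constructed toy RSA parameters for illustration; far too small for real use.
P, Q, E = 61, 53, 17

Multiplier = Callable[[int, int], int]


@dataclass(frozen=True)
class RsaKey:
    n: int
    e: int
    p: int
    q: int
    dp: int     # d mod (p-1)
    dq: int     # d mod (q-1)
    qinv: int   # q^-1 mod p, used for CRT recombination


def make_key(p: int, q: int, e: int) -> RsaKey:
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    return RsaKey(p * q, e, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p))


KEY = make_key(P, Q, E)


def correct_mul(a: int, b: int) -> int:
    return a * b


def make_buggy_mul(bad_a: int, bad_b: int, delta: int = 1) -> Multiplier:
    """Hypothetical faulty multiplier: wrong product for exactly one operand
    pair, standing in for the undetected hardware bug the note describes."""
    def mul(a: int, b: int) -> int:
        if (a, b) == (bad_a, bad_b):
            return a * b + delta
        return a * b
    return mul


def modpow(base: int, exp: int, mod: int, mul: Multiplier) -> int:
    """Right-to-left square-and-multiply that routes every product through
    `mul`, so a faulty multiplier affects the result the way a CPU bug would."""
    result, base = 1, base % mod
    while exp > 0:
        if exp & 1:
            result = mul(result, base) % mod
        base = mul(base, base) % mod
        exp >>= 1
    return result


def crt_sign_raw(m: int, key: RsaKey, mul: Multiplier) -> int:
    """RSA-CRT signature with no sanity check: the two half-computations are
    recombined and whatever comes out is returned, faulty or not."""
    sp = modpow(m, key.dp, key.p, mul)
    sq = modpow(m, key.dq, key.q, mul)
    h = mul(key.qinv, (sp - sq) % key.p) % key.p
    return (sq + mul(key.q, h)) % key.n


def sign_checked(m: int, key: RsaKey, mul: Multiplier = correct_mul) -> Optional[int]:
    """Countermeasure: verify the candidate signature with the public exponent
    before releasing it. A wrong product in either CRT half makes the check
    fail, so the faulty value never leaves the signer."""
    s = crt_sign_raw(m, key, mul)
    if pow(s, key.e, key.n) != m % key.n:
        return None          # refuse to release; caller can log and retry
    return s


def trace_operand_pairs(m: int, key: RsaKey) -> List[Tuple[int, int]]:
    """Record the operand pairs a correct signing of m feeds to the multiplier;
    used here only to pick a pair on which to simulate the bug."""
    pairs: List[Tuple[int, int]] = []

    def mul(a: int, b: int) -> int:
        pairs.append((a, b))
        return a * b

    crt_sign_raw(m, key, mul)
    return pairs


def demo(m: int = 65) -> Tuple[int, Optional[int], int]:
    """Returns (signature on a correct multiplier, checked result on a faulty
    multiplier, unchecked faulty signature) for message m."""
    good = sign_checked(m, KEY)
    bad_a, bad_b = trace_operand_pairs(m, KEY)[0]   # first product of the mod-p half
    buggy = make_buggy_mul(bad_a, bad_b)
    return good, sign_checked(m, KEY, buggy), crt_sign_raw(m, KEY, buggy)


if __name__ == "__main__":
    good, checked, unchecked = demo()
    print("correct multiplier -> signature", good)
    print("faulty multiplier  -> unchecked output", unchecked, "(wrong, would be released)")
    print("faulty multiplier  -> checked output  ", checked, "(withheld)")
```

The verification step costs one public-exponent exponentiation per signature, which is cheap next to the private-key work. A production implementation would pair it with message blinding and treat a failed self-check as a reportable event rather than a silent retry, since a signer that keeps failing on particular inputs is exactly the symptom the note warns about.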

Still, it's not every day that a crypto luminary issues such a warning.
