Facebook used unsafe and outdated 1024bit RSA-encryption ‘




Facebook used unsafe and outdated 1024bit RSA-encryption ‘

The social-networking site Facebook would still use 1024bit RSA encryption for SSL connections are, for some time while cryptographers recommend 2048bit keys. The NSA would also be relatively short time 1024bit keys can crack.

While companies like Apple, Microsoft and Dropbox for some time 2048bit RSA keys and use some parties already choose 4096bit keys, Facebook still uses 1024bit encryption, so writes CNET. However, the U.S. National Institute of Standards and Technology recommends since 2010 to no longer use 1024bit keys for SSL connections because they offer insufficient strong encryption. The use of 1024bit keys has the advantage that the owner requires less computing capacity on its server farm.

According cryptographer Eran Tromer, previously drafted a document which specific hardware decryption described, can be a 1024bit key now cracked when purchased. For roughly $ 1 million to hardware The figure out the key would take approximately one year. Intelligence agencies like the NSA with budgets billion would encrypted data can figure out relatively easily.

Facebook declined to comment on the findings of CNET, but an anonymous source would have indicated that the social-networking or making preparations in order to 2048bit encryption to make the switch. Incidentally, Google still 1024bit keys used, but because the search giant for each session using the forward secrecy mechanism always generates a new key and Google are RSA keys refreshed every two weeks, the vulnerability are significantly lower.



In: Technology & Gadgets Asked By: [15464 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »