A group of computer scientists dubbed Team Prosecco says it has found a way to extract a security key from a widely used RSA electronic token in 13 minutes.
The researchers say they can hack into the SecurID 800 RSA Dongle, as well as similar devices produced by other companies.
RSA Security is currently using its own computer scientists to determine if the claim is valid. "If there is a potential serious security vulnerability or threat to our customers, RSA will move quickly to address it," says RSA's Kevin Kempskie.
Researchers had assumed it would be impractical for hackers to break into RSA security devices because it would take too much time, says Georgia Institute of Technology cryptographer Chris Peikert. Team Prosecco also says it has created another algorithm that enables five types of security hardware devices to be cracked, all in relatively short periods of time.
"Cryptography breaks very slowly. It's the molasses of computer science," says security researcher Dan Kaminsky. "There are many technologies we abstractly know are problematic and we prioritize fixing them less than things that are obviously on fire."
From New York Times
View Full Article
No entries found