
posted by janrinok on Sunday September 22 2019, @10:40AM   Printer-friendly
from the not-quite-what-was-claimed dept.

Submitted via IRC for Bytram

Medicine show: Crown Sterling demos 256-bit RSA key-cracking at private event

On September 19, in a conference room at the Pelican Hill Resort in Newport Beach, California, Crown Sterling CEO Robert Grant, COO Joseph Hopkins, and a pair of programmers staged a demonstration of Grant's claimed cryptography-cracking algorithm. Before an audience that a Crown Sterling spokesperson described as "approximately 100 academics and business professionals," Grant and Hopkins had their minions generate two pairs of 256-bit RSA encryption keys and then derive the prime numbers used to generate them from the public key in about 50 seconds.

In a phone interview with Ars Technica today, Grant said the video was filmed during a "business session" at the event. The "academic" presentation, which went into math behind his claims and a new paper yet to be published, was attended by "mostly people from local colleges," Hopkins said. Grant said that he didn't know who attended both sessions, and the CEO added that he didn't have access to the invitation list.

During the presentation, Grant called out to Chris Novak, the global director of Verizon Enterprise Solutions' Threat Research Advisory Center, naming him as a member of Crown Sterling's advisory board. The shout-out was during introductory remarks that Grant made about a survey of chief information security officers that the company had conducted. The survey found only 3% had an understanding of the fundamental math behind encryption.

The video of the demonstration is here. (The video was briefly marked as private, but is now back again.) The demo was displayed from a MacBook Pro, but it appeared that it was being run in part via a secure shell session to a server. Grant claimed that the work could be used to "decrypt" a 512-bit RSA key in "as little as five hours" using what Grant described as "standard computing."

The demonstration only raises more skepticism about Grant's work and about Crown Sterling's main thrust—an encryption product called Time AI that Grant claims will use the time signature of AI-generated music to generate "quantum-entangled" keys. Grant's efforts to show how weak long-obsolete RSA key sizes are were met with what can only be described as derision by a number of cryptography and security experts.

Mark Carney, a PhD candidate at the University of Leeds, used Msieve, a well-established factoring tool, on his laptop. Carney split composite numbers larger than the demo's 256-bit RSA moduli into their prime factors in about 20 seconds. "These [were] not 256-bit keys, just larger-than 256-bit numbers," he explained, but "these are using standard quadratic sieve methods. So long as I haven't messed this preliminary test up too much, this is un-optimized Msieve out-performing Crown Sterling's algorithm by roughly 50 percent."

Henryk Plötz, a computer scientist in Berlin, ran a test of his own, with similar results:

Well, this is Sagemath on my Ultrabook (X1 Carbon 2017).
I'm assuming the default implementation is single-threaded. So, "50 seconds" is exactly the expected performance on a 4-core laptop. pic.twitter.com/2WlvZaR0vk

— Henryk Plötz (@henrykploetz) September 20, 2019
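What the demo, Carney's Msieve run and Plötz's Sage run all consist of is the same attack: factor the public modulus n into p and q, rebuild phi(n), and invert e to get the private exponent d. The following is an added example written for this page, not code from Crown Sterling, Carney or Plötz. It runs the whole chain on a deliberately tiny 64-bit key (constructed from a fixed seed) using Pollard's rho, which costs roughly n^(1/4) steps and so is only practical at this size; a 256-bit modulus needs a sieve such as Msieve or Sage/PARI, which is why those took tens of seconds rather than milliseconds. The key size, seed and plaintext are assumptions chosen for the example.

```python
"""Added example: "deriving the primes from the public key" end to end, at a size
where pure-Python Pollard rho finishes in well under a second (64-bit n).
Not the code used by Crown Sterling, Carney or Plötz; key size, RNG seed and
plaintext below are constructed for illustration."""
import math
import random

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, rng, rounds=32):
    """Miller-Rabin with an injected random.Random, so runs are reproducible."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits, rng):
    """Random odd candidate with the top bit set, until Miller-Rabin accepts it."""
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand, rng):
            return cand


def keygen(bits, rng, e=65537):
    """Textbook RSA keypair; n = p*q has about `bits` bits (two bits//2-bit primes)."""
    while True:
        p = gen_prime(bits // 2, rng)
        q = gen_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return {"n": p * q, "e": e, "d": pow(e, -1, phi), "p": p, "q": q}


def pollard_rho(n, rng):
    """Return a non-trivial factor of composite n (Floyd cycle detection).
    Expected cost ~ sqrt(smallest prime factor) steps, i.e. ~n**(1/4) for RSA."""
    if n % 2 == 0:
        return 2
    while True:
        c = rng.randrange(1, n)
        x = y = rng.randrange(2, n)
        d = 1
        while d == 1:
            x = (x * x + c) % n
            y = (y * y + c) % n
            y = (y * y + c) % n
            d = math.gcd(abs(x - y), n)
        if d != n:  # d == n means this (c, start) pair degenerated; retry
            return d


def crack(n, e, rng):
    """The demo's claim, done honestly: public (n, e) in, private (p, q, d) out."""
    p = pollard_rho(n, rng)
    q = n // p
    assert p * q == n and is_probable_prime(p, rng) and is_probable_prime(q, rng)
    phi = (p - 1) * (q - 1)
    return {"p": min(p, q), "q": max(p, q), "d": pow(e, -1, phi)}


def demo(bits=64, seed=2019):
    """Generate a key, keep only (n, e), recover the private half, verify by decrypting."""
    rng = random.Random(seed)          # fixed seed: constructed, reproducible key
    key = keygen(bits, rng)
    recovered = crack(key["n"], key["e"], rng)
    m = 0xC0FFEE                        # constructed plaintext, m < n
    c = pow(m, key["e"], key["n"])
    ok = pow(c, recovered["d"], key["n"]) == m
    return key, recovered, ok


if __name__ == "__main__":
    key, recovered, ok = demo()
    print(f"n = {key['n']} ({key['n'].bit_length()} bits)")
    print(f"recovered p = {recovered['p']}, q = {recovered['q']}")
    print("recovered d decrypts correctly:", ok)
```

Raising `bits` in `demo()` shows the scaling directly: each extra 4 bits of n roughly doubles the rho running time, and at 128 bits it is already impractical in Python, which is the gap a quadratic sieve closes and the reason 256-bit moduli are a laptop job with the right tool rather than a breakthrough.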

Related: Claim: SHA-256 has been Broken


  • (Score: 2) by JoeMerchant (3937) on Sunday September 22 2019, @07:41PM (#897233)

    Since the density of primes is not the same as the density of the ordinals, the growth isn’t quite equal to a power of two.

    By the time you get up to 2^256, the density of primes is pretty close to constant; yes, it continues to drop as you go up, but by a very small fraction. I'm sure it has been computed, documented and published many times; whatever it is, it's not dramatic like sqrt(n) instead of n.

    While "cracking" RSA256 in 50 seconds is, indeed, nothing new or amazing, it's not an entirely wasted exercise. There are plenty of people who have no sense of what "secure" is, or how 256 bit security relates to the currently recommended 3072 or 4096 bit security. Showing them, live, what it means to have a too short key, and then explaining how much better the secure keys are, can make a more useful lesson than "trust me, I'm with the government, we know security."

    --
    🌻🌻 [google.com]
  • (Score: 2) by pipedwho (2032) on Sunday September 22 2019, @10:58PM (#897289)

    But extending an RSA key by doubling its size gives you about 32 bits of additional effective AES-equivalent security.

    Adding an extra few bits to an RSA key isn’t going to do much. To get an equivalent of 256 bit AES you need a 15000+ bit RSA key.

    So you're right that extending key sizes improves security, but showing that a 256-bit RSA key can be broken says nothing. People might do some basic (invalid) math and assume that a 512-bit RSA key might take 2^256 times the 50 seconds. Obviously (to us) this is not the case due to the nonlinear reductions as size grows with algorithms used for factorising. Whereas doubling the size of a 128 bit AES key grows the effort by the full 2^128 increment.
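The "nonlinear reductions" in the comment above are the sub-exponential running time of the general number field sieve. As an added example (editor's code, not from the article or the commenters), the block below evaluates the standard GNFS cost heuristic and puts it beside the naive "every extra bit doubles the work" reading. Assumption: the asymptotic complexity L_n[1/3, (64/9)^(1/3)] with the o(1) term dropped, so absolute figures are rough and only the ratios between key sizes are meaningful; the 15360-bit entry is the RSA size NIST SP 800-57 pairs with 256-bit security.

```python
"""Added example: GNFS work estimate per RSA key size versus the naive
'2^(extra bits)' scaling.  Assumes L_n[1/3, (64/9)^(1/3)] with o(1) dropped,
which is a heuristic, not a measurement."""
import math

GNFS_CONST = (64 / 9) ** (1 / 3)   # ~1.923, the GNFS constant in L-notation


def gnfs_log2_work(bits):
    """log2 of L_n[1/3, c] for an n of the given bit length: a 'security bits' estimate."""
    ln_n = bits * math.log(2)
    ln_work = GNFS_CONST * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return ln_work / math.log(2)


def naive_log2_ratio(bits_from, bits_to):
    """The invalid scaling the comment warns about: 2^(delta bits)."""
    return float(bits_to - bits_from)


def gnfs_log2_ratio(bits_from, bits_to):
    """Extra bits of GNFS work between two key sizes (what doubling really buys)."""
    return gnfs_log2_work(bits_to) - gnfs_log2_work(bits_from)


def scale_seconds(seconds, bits_from, bits_to):
    """Extrapolate a measured factoring time with the GNFS heuristic."""
    return seconds * 2 ** gnfs_log2_ratio(bits_from, bits_to)


def table(sizes=(256, 512, 1024, 2048, 3072, 4096, 15360)):
    """Key size -> estimated bits of factoring work, rounded to one decimal."""
    return {b: round(gnfs_log2_work(b), 1) for b in sizes}


if __name__ == "__main__":
    for b, w in table().items():
        print(f"RSA-{b:<6} ~{w:6.1f} bits of GNFS work")
    print("256 -> 512 bits: naive 2^%d, GNFS heuristic 2^%.1f"
          % (naive_log2_ratio(256, 512), gnfs_log2_ratio(256, 512)))
    print("1024 -> 2048 bits: +%.1f bits of work" % gnfs_log2_ratio(1024, 2048))
    print("50 s at 256 bits extrapolates to ~%.0f core-hours at 512 bits (heuristic)"
          % (scale_seconds(50, 256, 512) / 3600))
```

The heuristic gives roughly 47 bits of work at RSA-256, 64 at RSA-512 and about 30 extra bits per doubling in the 1024 to 2048 range, which is the "about 32 bits" rule of thumb in the comment; it also shows why the 256-to-512 step is closer to 2^17 than 2^256, and why equalling AES-256 needs a modulus in the 15000-bit range.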

    • (Score: 2) by JoeMerchant (3937) on Monday September 23 2019, @01:31AM (#897337)

      People might do some basic (invalid) math

      No might about it, that will happen, frequently.

      Back in 1989, I sat through a rather boring semester of graduate level cryptography. I expect they have the same courses today. I would hope that any company getting their hands dirty with rolling their own key length and other algorithmic choices would have at least one team member who has the equivalent of that course, or self-study at that level. Hope in vain, I am certain, because nobody on the business side of most ventures really knows or cares how it works; to them it's all encrypted all the time, no fancy algorithms required.

      --
      🌻🌻 [google.com]
      • (Score: 2) by opinionated_science (4031) on Monday September 23 2019, @11:15AM (#897500)

        I read about RSA in Knuth, Vol 2.

        I suppose I may need to update my knowledge, but for RSA, that was a pretty good treatment.

        • (Score: 2) by JoeMerchant (3937) on Monday September 23 2019, @02:47PM (#897564)

          Now, three decades later, the only thing that I truly took away from that course is: asymmetric encryption using public/private key pairs is a thing. Which, I suppose, is not a total waste of three credit hours.

          If I were to do anything that really "mattered" with encryption, I'd self-study the source material until a clear picture came through - not a "oh, I can barely see how to make this look like it's working" level of understanding, which - to be honest - is better than average in most of the field, but an actual: "here are the available parameters and this is what happens as you adjust them..."

          Since I mostly just dabble with crypto-tech as thought exercise / hobby, my favorite implementation is: algorithm X - insert whatever is appropriate, and make sure your coding / data designs can handle changing X to Y to Z without a major rewrite. This, too, seems beyond many of the "serious" implementations out there...

          --
          🌻🌻 [google.com]
      • (Score: 2) by pipedwho (2032) on Tuesday September 24 2019, @12:37AM (#897887)

        No might about it, that will happen, frequently.

        Sad, but true.