|
Researchers close security gap in the Internet
 Rüschlikon/Switzerland,
August 24, 1998 -- Two mathematicians, one at the Swiss Federal
Institute of Technology (ETH) in Zurich and the other at the IBM
Zurich Research Laboratory in Rüschlikon, have co-developed the
world's first feasible public-key cryptographic system that has
been mathematically proved to protect encoded information from even
the most aggressive hacking attacks.
None of the encryption systems commercially available today has
been proved to provide absolute security against so-called "active"'
attacks. Such attacks are especially devious because, unlike ordinary
attacks, they do not attempt to solve the mathematical problem underlying
the encryption and thus break the code. Instead, the attacker interacts
with the decryption system by sending a series of cleverly crafted
text files to a publicly accessible server, which possesses the
secret decryption key. By analyzing the server's responses, the
attacker can break the encryption code. Cryptographers call this
an "adaptive chosen-ciphertext attack". Known to cryptographers
for nearly two decades, this kind of attack is considered the most
aggressive that any cryptosystem should be expected to withstand.
Until now, however, no mathematically sound and yet practically
feasible solution has been found.
The threat posed by active attacks in practice was shown earlier
this year by a scientist at Bell Labs (USA), who managed to decode
information secured by Secure Sockets Layer (SSL), Version 3.0,
the standard encryption system used for Web browsers.
This security gap has now been closed by a new encryption scheme
invented in Switzerland by Ronald Cramer of the Institute of Theoretical
Computer Science at the Swiss Federal Institute of Technology (ETH)
in Zurich and Victor Shoup of IBM's Zurich Research Laboratory in
Rüschlikon. Both the attack on SSL and the new Cramer-Shoup encryption
system were presented at the technical conference "Crypto '98"
being held this week at the University of California at Santa Barbara,
USA.
Security against attacks with reasonable effort All public-key
encryption systems comprise a pair of public and private keys that
are related by a mathematical problem considered too difficult to
be solved within a reasonable amount of time. The public key is
used to encrypt messages, which can be decrypted only by someone
who possesses the private key. The core of the problem with active
attacks is that the holder of the private key usually cannot distinguish
between legitimate and manipulated encryptions. By responding to
a manipulated text, the holder of the private key divulges crucial
information that allows the hacker to break the code. This problem
has been studied by scientists at IBM's Almaden Research Center
in California since 1991. Their work resulted in mathematically
exact definitions of cryptosystems that are secure against such
attacks, and they developed the first mathematically proved secure
system. For general practical use, however, the required computational
effort was too great.
Cramer and Shoup's major achievement is combining mathematically
proven security with the efficient operation required for practical
use. They provide a rigorous proof that their cryptosystem can be
broken only by solving a problem known among mathematicians as the
Diffie-Hellman Decision Problem. So far, no practical solution to
this problem has been found, and it is a commonly accepted conjecture
in cryptography that no such solution exists. The Cramer-Shoup cryptosystem
requires about two to three times the computing time of systems
in use today, which are based on the same mathematical problem but
provide less security. IBM plans to incorporate the new system into
a future version of its Vault Registry, the IBM SecureWay public-key
infrastructure product.
|
