In early January, the Financial Times magazine published an article about a study by Chinese scientists who managed to crack RSA encryption. The news was quickly "picked up" by the world media and, at some point, this information acquired a hype comparable to the invention of the atomic bomb and the prospects for the appearance of an absolute cyber weapon from science fiction films that can hack everything and everyone.
But is this event so significant for global cybersecurity? In this article, we will analyze the main features of the RSA algorithm, the importance of breaking this encryption for the world and the further development of cryptography.
The RSA encryption algorithm is, for its time, a breakthrough solution, since it was the first suitable for both encryption and digital signature. At the same time, the algorithm provided almost absolute protection, since, with the computing power available at that time, decrypting the "long key" would require an impossible amount of time.
In practice, the need for a "long key" was also the main disadvantage of this algorithm, since the key length negatively affected the performance and response speed of systems. As a result, many users quickly switched to "simplified versions".
If we talk specifically about hacking resistance, then the researchers ' interest was attracted not by the RCA algorithm itself "in general" as an unbreakable cipher, but specifically by RSA encryption with a 2048-bit key.
Does this play down the researchers ' achievements? Of course not, since the essence of their work is only clear in the context of other events. In itself, this is just a scientific study that is of real interest only to a narrow number of researchers who are able to appreciate the "beauty of thought" expressed in mathematical formulas.
The problem with RSA hacking resistance has been raised by specialized specialists for quite a long time. Therefore, NIST (National Institute of Standards and Technology, USA) has been "running a competition" for at least five years to select a new, post-quantum encryption method that will become the next mass solution and replace the RSA method. The Institute estimates that the transition process should be completed by 2033.
In this context, the main achievement of Chinese specialists is that they have called into question all quantum-resistant cryptographic solutions. In simple words – on the basis of this research, with the help of quantum computers (sufficient power), it is possible to crack any encryption that is currently called quantum-resistant. Such conclusions, in particular, were made by experts Bruce Schneider and Roger Grimes.
If we talk about the rejection of RSA encryption, then its probability in the near future is primarily due to the readiness of specific countries and companies to switch to new solutions, as well as the availability of "trusted" new types of cryptographic encryption.
It can be assumed that, like all big changes, the process will be massively launched only after the appearance of a real threat and the first high-profile precedents related to hacking the RSA algorithm with a long key.
However, for the state and sensitive areas of its activity, this is certainly a brewing problem and a reason to encourage domestic cryptographic specialists. The task, in the context of the thesis that the research of Chinese specialists is only the basis for the upcoming "attack" on quantum – stable systems, will be as non-trivial as possible.
But is this event so significant for global cybersecurity? In this article, we will analyze the main features of the RSA algorithm, the importance of breaking this encryption for the world and the further development of cryptography.
What is the RSA algorithm in simple words?
This encryption algorithm gets its name from the first letters of the names of the specialists who developed it: Rivest, Shamir, and Adleman. It was introduced in 1977 and is currently used in the vast majority of cryptographic applications.The RSA encryption algorithm is, for its time, a breakthrough solution, since it was the first suitable for both encryption and digital signature. At the same time, the algorithm provided almost absolute protection, since, with the computing power available at that time, decrypting the "long key" would require an impossible amount of time.
In practice, the need for a "long key" was also the main disadvantage of this algorithm, since the key length negatively affected the performance and response speed of systems. As a result, many users quickly switched to "simplified versions".
If we talk specifically about hacking resistance, then the researchers ' interest was attracted not by the RCA algorithm itself "in general" as an unbreakable cipher, but specifically by RSA encryption with a 2048-bit key.
Hacking: did it happen at all?
If we refer directly to the original text of the study, we can come to two conclusions:- There was no actual hacking. Scientists only talk about the mathematical possibility.
- There are no hacking capabilities available at the time of writing the study. Quantum computers of the required power have just been announced.
Does this play down the researchers ' achievements? Of course not, since the essence of their work is only clear in the context of other events. In itself, this is just a scientific study that is of real interest only to a narrow number of researchers who are able to appreciate the "beauty of thought" expressed in mathematical formulas.
The problem with RSA hacking resistance has been raised by specialized specialists for quite a long time. Therefore, NIST (National Institute of Standards and Technology, USA) has been "running a competition" for at least five years to select a new, post-quantum encryption method that will become the next mass solution and replace the RSA method. The Institute estimates that the transition process should be completed by 2033.
In this context, the main achievement of Chinese specialists is that they have called into question all quantum-resistant cryptographic solutions. In simple words – on the basis of this research, with the help of quantum computers (sufficient power), it is possible to crack any encryption that is currently called quantum-resistant. Such conclusions, in particular, were made by experts Bruce Schneider and Roger Grimes.
How will this affect regular users?
Directly, in the foreseeable future – almost nothing. First of all, the quantum computers required for hacking are almost exclusive machines that will fall into the hands of cybercriminals, at best, in decades (we are talking about machines with a capacity of 372 qubits and higher).If we talk about the rejection of RSA encryption, then its probability in the near future is primarily due to the readiness of specific countries and companies to switch to new solutions, as well as the availability of "trusted" new types of cryptographic encryption.
It can be assumed that, like all big changes, the process will be massively launched only after the appearance of a real threat and the first high-profile precedents related to hacking the RSA algorithm with a long key.
However, for the state and sensitive areas of its activity, this is certainly a brewing problem and a reason to encourage domestic cryptographic specialists. The task, in the context of the thesis that the research of Chinese specialists is only the basis for the upcoming "attack" on quantum – stable systems, will be as non-trivial as possible.
