Fujitsu and its Japanese partners have taken 148 days to carry out a cryptanalysis that had been estimated to take hundreds of thousands of years
Fujitsu Laboratories said on Monday it has successfully cracked a next-generation cryptography standard known as pairing-based cryptography, breaking a world record.
Fujitsu and its partners, Japan’s National Institute of Information and Communications Technology (NICT) and Kyushu University, took 148.2 days to carry out a cryptanalysis of the 278-digit (923-bit) pairing-based cryptography, a task that had been thought to require several hundred thousand years.
The result is intended to give organisations a basis for evaluating the security of pairing-based cryptography and how long it may be securely used, Fujitsu said. Pairing-based cryptography is becoming a next-generation standard for government systems and international bodies, according to Fujitsu.
“As cryptanalytic techniques and computers become more advanced, cryptanalytic speed accelerates, and conversely, cryptographic security decreases,” Fujitsu said in a statement. “Therefore, it is important to evaluate how long the cryptographic technology can be securely used.”
Such a cryptanalysis would allow an attacker to counterfeit the authority of a system administrator, according to Fujitsu.
To break the cryptography the team used 21 personal computers with a total of 252 cores, which Fujitsu noted was several hundred times the computing power used to achieve the previous world record, cracking a cryptogram based on 204 digits (676 bits).
Fujitsu said it reduced the time needed to carry out the attack by combining several new techniques, including parallel programming methods.
“We were able to overcome this problem by making good use of various new technologies, that is, a technique optimising parameter setting that uses computer algebra, a two dimensional search algorithm extended from the linear search, and by using our efficient programing techniques to calculate a solution of an equation from a huge number of data, as well as the parallel programming technology that maximises computer power,” Fujitsu said in a statement.
Unlike Fujitsu’s work, some of the recent flaws exposed in cryptographic systems have been attributed to the implementation of the systems rather than the underlying techniques involved.
In February, for instance, Swiss researchers concluded that some RSA public encryption keys offered “no security at all” because they had been improperly generated.
In 2010 Norwegian researchers found a way to crack the security of quantum cryptography, a crack carried out by taking control of the photon detectors commonly used in implementing such systems. Quantum cryptography relies on quantum mechanical effects to perform cryptographic tasks.
In January researchers proposed a technique called “blind quantum computing” that could allow quantum cryptography to be extended to the cloud.
How well do you know Internet security? Take our quiz!