Forgot your password?
typodupeerror
Security

Using Distributed Computing To Thwart Ransomware 361

Posted by CmdrTaco
from the much-less-satisfying-than-a-shovel-to-the-face dept.
I Don't Believe in Imaginary Property writes "The folks at Kaspersky labs are turning to distributed computing to factor the RSA key used by the GPcode virus to encrypt people's files and hold them for ransom. There are two 1024-bit RSA keys to break, which should require a network of about 15 million modern computers to spend a year per key factoring them. Unfortunately, there appear to be no vulnerabilities in the virus' use of RSA, unlike some previous cases. Perhaps more interestingly, there's some debate over whether people should bother cracking it. After all, what if they were trying to trick us into factoring the key for a root signing authority? Besides, there's a more direct method of breaking the encryption: track down the people who wrote the virus and force them to talk."
This discussion has been archived. No new comments can be posted.

Using Distributed Computing To Thwart Ransomware

Comments Filter:
  • by FluffyWithTeeth (890188) on Wednesday June 11, 2008 @10:02AM (#23747941)
    Surely all the have to do is start using a new key every so often, and the task becomes pointless?
    • by SQLGuru (980662) on Wednesday June 11, 2008 @10:09AM (#23748077) Journal
      Surely all you have to do is make frequent back-ups of your critical data and the virus becomes pointless.

      Hacker - You must pay me $100 or your files will be forever encrypted by my nigh-unbreakable RSA code.
      User - Meh, I just wiped my system of your virus and restored my important files from back-up. Piss off.

      Layne
      • by oldspewey (1303305) on Wednesday June 11, 2008 @10:16AM (#23748213)
        As has been pointed out in the past - the people who are most likely to become infected with a ransomware virus are exactly the same people who are least likely to have backups available.
        • by Silver Sloth (770927) on Wednesday June 11, 2008 @10:19AM (#23748277)
          Good, sometimes there's only one way to learn about why we have backups. After all, they're just as much at risk from hard disk crashes.
          • by AmiMoJo (196126) <{ten.3dlrow} {ta} {ojom}> on Wednesday June 11, 2008 @11:21AM (#23749453) Homepage
            While I too get frustrated by incompetent users, I think that attitude is a bit harsh. Computers are supposed to have reached the point of being easy to use by laymen, and automatic backup should be part of that.

            Time Machine on MacOS seems to be just about there, all they need to do is bundle an external HDD or offer a free online component for personal docs.
        • Re: (Score:3, Insightful)

          by pla (258480)
          As has been pointed out in the past - the people who are most likely to become infected with a ransomware virus are exactly the same people who are least likely to have backups available.

          Back in my youth, I never made regular backups.
          Then I got a virus.
          Since then, I make regular backups.


          As annoying as it seems, sometimes people need to understand first-hand the need for regular, offline backups. Until they have the experience of data-loss, they just won't appreciate what could happen.
          • Other way around (Score:5, Interesting)

            by DrYak (748999) on Wednesday June 11, 2008 @10:43AM (#23748669) Homepage

            Back in my youth, I never made regular backups.
            Then I got a virus.
            Since then, I make regular backups.
            Back in my childhood I did regular backups of my family's computer.
            Then we got a virus.
            Then we realized that the virus was a time bomb that was already present in dormant form even in the oldest several-months old backups.

            Sometimes you have parents that are both computer geeks, and they teach you the important of offline backups. Never the less, shit happens anyway.

        • Re: (Score:2, Insightful)

          by pegr (46683) *
          I'll assume someone paid the ransom at least once. So what key did they use to decrypt? Do us a favor and post it.

          As for it being a trick to crack a root signing key, would they not have to have the private key to encrypt with to start?
          • by Anonymous Conrad (600139) on Wednesday June 11, 2008 @11:09AM (#23749197)

            I'll assume someone paid the ransom at least once. So what key did they use to decrypt? Do us a favor and post it.

            As for it being a trick to crack a root signing key, would they not have to have the private key to encrypt with to start?
            ... huh?

            It works like this:

            1. Virus generates a random encryption key and encrypts your data with it. Let's call this K.
            2. Virus encrypts the random key with a RSA public key and instructs you to email that, R(K), and your money, to the ransomers.
            3. The ransomers use their RSA private key to decrypt the encrypted random encryption key, R(K), into K.
            4. You use the random encryption key they sold back to you, K, to rescue your data.

            Someone else's decryption key, K', is not useful to you because your data was encrypted with a different random key K. You have an RSA-encrypted copy of your own random key, R(K), because that's what the ransomers need you to send them so they can sell you the decryption key K. We're trying to crack the RSA private key so we can generate K from R(K) without having to pay them money, i.e. sidestep step 3.
        • by Sique (173459) on Wednesday June 11, 2008 @10:52AM (#23748865) Homepage
          So this is another lesson in Computer Security 101: "No one likes Backups, but everyone likes Restore"?
      • Surely all you have to do is make frequent back-ups of your critical data and the virus becomes pointless.

        While keeping backups regularly is something we must do, I'd like to add that surely all you have to do is install an Operating System with decent security (such as GNU/Linux) and all the viruses become pointless.

        My dad is still using Windows. His application icons have some desktop below them - pardon, i meant to say that his desktop is filled with application icons, all installed by third party applications (which I don't know are virus-free, but most of them have a GPL equivalent in GNU/Linux), he's rei

        • by bigstrat2003 (1058574) * on Wednesday June 11, 2008 @11:07AM (#23749151)
          I use Windows because I'm not brain-dead and can keep my machine secure. For those of us who know what we're doing, it doesn't matter what OS we use. For those of us who don't know what we're doing, similarly, it doesn't matter what OS we use: you're only kidding yourself if you think that widespread Linux adoption would result in there not being many/any pwned machines. The user is, and always will be the biggest computer vulnerability.
    • Of course, but the point is that users that lost data can tuck their harddrives away someplace safe, and hopefully someday recover their data.
    • Re: (Score:3, Interesting)

      Reminds me of a story. It's a classic inspirational story, of a storm that washes up a bunch of starfish -- or maybe they're seahorses, or jellyfish, depending on who's telling the story. So there's all these starfish dying on the beach... A kid is walking along the beach, picking them up, one by one, and tossing them back into the ocean. A man watches him do this, and after awhile, walks up and says "You know you're not going to make a difference, right?"

      The kid picks up another starfish, tosses it into th
  • by elrous0 (869638) * on Wednesday June 11, 2008 @10:03AM (#23747971)
    Encourage people to make backups of their data on disc, tape, or portable harddrives. I know that's a radical idea, but it just might be crazy enough to work.
    • by houghi (78078)
      My though exactly. The partition I use for backups is read-only. Just during backup is is writable by just one user. The fact that this user is called root and I run Linux might make it even harder to crack.

      But still, read-only partitions for your backups.
    • by khasim (1285) <brandioch.conner@gmail.com> on Wednesday June 11, 2008 @10:16AM (#23748229)
      Don't forget the corollary.

      Encourage the application writers to make their applications EASY TO BACKUP.

      The problem I keep seeing is that TELLING someone to back up their data is easy to do. FINDING ALL of the data is just about impossible.

      You'll never know if you got it all until AFTER a problem.

      Or even ... how about just including a simple script that will look at how it's installed TODAY and back it up to a location chosen by the user? And then that script will generate a script to install that backup should you need it to. Along with license keys and decoding keys and unlocking keys, etc.
      • by hoggoth (414195)
        > Encourage the application writers to make their applications EASY TO BACKUP.
        > The problem I keep seeing is that TELLING someone to back up their data is easy to do. FINDING ALL of the data is just about impossible.

        It drives me crazy that it is nearly impossible to back up applications under Windows.
        I want to back up a directory tree and know that I can reinstall that appliction by restoring that backup.
        But under Windows, the application consists of files in the applications 'Program Files' directory
        • by khasim (1285) <brandioch.conner@gmail.com> on Wednesday June 11, 2008 @10:41AM (#23748641)

          Do I just not know some Windows Admin secret magic, or is it true that I really can't back up my applications.
          There is a little magic that you can try, but you are pretty much correct. You cannot EASILY backup your Windows apps.

          For the Registry, you can "export" the entries for that app to a file and, later, you can import that file into the Registry.

          The problem with the Registry is the same as you've noted with the file system. Stuff gets put EVERYWHERE. And there is no way to KNOW that you have EVERYTHING until AFTER you attempt to restore it. AND that doesn't include anything "updated" when you get a patch or point-zero-one release "upgrade".

          Now, the installer can put that stuff everywhere ... and in theory it can remove that stuff when you un-install it ... but it cannot COPY that stuff to a backup directory/device?

          And I don't want to hear that that is to prevent "piracy". Just encrypt the stuff with the unlocking key or whatever. That way I can keep a TEXT file of app-name -- key code on my USB drive along with the backups.
        • by pla (258480) on Wednesday June 11, 2008 @10:47AM (#23748769) Journal
          Do I just not know some Windows Admin secret magic, or is it true that I really can't back up my applications. I'd like to be able to reinstall Windows and then restore all of my applications.

          Not quite a direct answer, but you might want to consider using mostly "Portable" [portableapps.com] apps (that site has tons of them, but by no means counts as the only source... And of course, better-designed programs work portably without needing a wrapper).

          They have nothing to do with Linux or FOSS (though they do tend to exist as FOSS and have Linux versions available). You copy the program's directory (and, if you changed it, your data directory) to a new machine, and bam, it just works. No installation, no annoying migration tools that fail half the time, no custom compression schemes that only worked back on version 4.8 but they stopped supporting in 5.0 and no longer sell version 4.8, etc.

          With most of them, you can run them from USB thumb-drives (the original meaning in this context of "portable" - Literally, you can take them with you); With many, you can even run them from read-only media such as a CD (though obviously you can't save your data in the same place when doing so).
    • by nurb432 (527695)
      unless the virus doesn't show itsself for months, then you have managed to backup a virus infested file.
    • by SatanicPuppy (611928) * <`Satanicpuppy' `at' `gmail.com'> on Wednesday June 11, 2008 @10:44AM (#23748693) Journal
      If we had a backup, wouldn't it be possible to break the encryption using the backed-up data as a crib? Why force the key directly when you know what is in a large chunk of the cyphertext?

  • by jalet (36114) on Wednesday June 11, 2008 @10:04AM (#23747987) Homepage
    Where's Jack Bauer when you need him ???
    • by wagnerrp (1305589) on Wednesday June 11, 2008 @10:16AM (#23748219)

      Fortunately, we had Interbank Data Recovery Services. And Interbank does more than just acquire the decryption key.

      That's because Interbank vows to find out who sent you the ransom and hunt them down like animals. Like filthy, dirty animals. That's the Interbank difference. See, I don't care how Interbank's secret police get things done. I just care that they get things done. For us.

      Plus, because we'd enrolled in their Premiere Membership program, Interbank also hunted down friends and relatives of the guy who had encrypted our data, dragged them from their beds in the middle of the night, and set fire to their homes.

    • Where's Jack Bauer when you need him ???

      Recovering from post traumatic stress disorder, a number of wounds, and radiation poisoning.
  • Damn it (Score:4, Funny)

    by alx5000 (896642) <alx5000.alx5000@net> on Wednesday June 11, 2008 @10:05AM (#23747997) Homepage

    Besides, there's a more direct method of breaking the encryption: track down the people who wrote the virus and force them to talk.

    If only I hadn't erased Jack Bauer's cell from my contact list after the last season...

    • Re: (Score:3, Funny)

      by Spy der Mann (805235)

      Besides, there's a more direct method of breaking the encryption: track down the people who wrote the virus and force them to talk.

      If only I hadn't erased Jack Bauer's cell from my contact list after the last season...

      I had his number in my PC, but somehow I can't access it all of a sudden. I think a virus encrypted it.
  • I'm glad at the enormous figures involved here (one year x 15 million computers). Hopefully, it'll teach people to backup systematically, cleanly and frequently - after all, the arms race on malware/virii has led to better computer security policies and techniques, even if there were many casualties.
  • That all depends ... (Score:2, Interesting)

    by El Cubano (631386)

    Besides, there's a more direct method of breaking the encryption: track down the people who wrote the virus and force them to talk.

    That depends on whether you think it is acceptable to compel someone to reveal something like that. If, as for example in the US, someone cannot be forced to incriminate himself, then he can just refuse and there is no further recourse. That is, if the only way of getting information out of someone is to ask them nicely for it.

    • Re: (Score:2, Funny)

      by alx5000 (896642)
      ... or bribing them! Hah! Foiling their plans of locking peoples files down! Oh, wait...
    • by joshamania (32599)
      Well, Dubyuh's already pretty much told the whole world he doesn't give a rats ass about the "rights" of his own citizens, let alone those of a foreign national running an extortion campaign against citizens of the US and other western nations.

      My personal opinion is that these guys have a bullet with their name on it, its just a matter of time before stuff like this starts getting people killed on a regular basis. If the governments are not powerful enough or unwilling to tackle such criminal issues...one
      • by xaxa (988988)

        There is no recourse right now in the current criminal justice system for crimes of this nature.

        Really? In the UK there's things like the Computer Misuse Act, and since the scammer has accessed a computer without permission (with the virus) he's clearly breaking the law. A UK citizen was extradited to the USA last year for hacking a government computer, I think you have the laws.

        I have zero problems with the CIA going and finding homes for bullets in Russian spammers or Nigerian scammers or any other criminals who attack US citizens from outside the US.

        And you trust the CIA to do it right? Ha!

        • by joshamania (32599)
          And I'm sure the Russians and the Chinese are just lined up outside their respective United States embassies with armloads of computer criminals who's main source of income comes from US citizens.

          Western "laws" dont extend to most of the world, and yet just about every square foot of this Earth can receive internet access without all that much trouble. I could probably set up a wifi hotspot just about anywhere in Namibia for under $3000 USD. But that's nothing because these idiots made 20 grand in the fir
    • by Xest (935314)
      This sort of scenario is one of the few where I think plea bargains are probably a good thing. The rest of the time they seem rather a stupid idea to me.

      If the guy isn't willing to let hundreds of people have their data back then throw the book at him, if he's at very least decent enough to give it up then cut his sentence a fair bit.
    • On the other hand they could just say, "Tell us the keys and you'll only get 10 years in prison."
    • Re: (Score:3, Funny)

      by Just Some Guy (3352)

      That depends on whether you think it is acceptable to compel someone to reveal something like that.

      Oh, I do: as long as it's not the government doing the compelling.

      Just once it'd be fun to hear that the local mafia don's PC got infected because his wife wanted cute smileys, and that the local prosecutor is frustrated by the lack of direct evidence linking the don to what they found down by the river.

  • by JCSoRocks (1142053) on Wednesday June 11, 2008 @10:09AM (#23748073)
    How are we going to do that? Everyone knows that things aren't nearly as fun as they used to be... people are even complaining about waterboarding now! what's this world coming to? Shoot, I remember when you could put a man on the rack - no problem.
    • by Opportunist (166417) on Wednesday June 11, 2008 @10:14AM (#23748191)
      Simple. Lock them in a cell with a person whose complete pr0n collection is now encrypted. Then go out and come back about an hour later. They talk. They will confess everything, including the assassination of JFK, just as long as they don't have to spend more time with someone whose jackoff material is gone and they're to blame for it.

      Talk about motivation!
  • by Opportunist (166417) on Wednesday June 11, 2008 @10:10AM (#23748107)
    The people who did that sit in a country ending in -stan. Countries ending in -stan have real problems and don't care for problems their citizens cause abroad.

    You can trust me on that one, I've tried. I've even had so much as the name of the person to prosecute. Nothing came out of it. Despite including our federal police and interpol.
    • by CodeBuster (516420) on Wednesday June 11, 2008 @11:37AM (#23749781)

      You can trust me on that one, I've tried. I've even had so much as the name of the person to prosecute. Nothing came out of it. Despite including our federal police and interpol.
      Nothing came of it because you did not sweeten the pot for local law enforcement, politicians, and judges with large bribes. If one wants justice or even just to get something done in a -stan country then one has to grease the wheels of the local economy or in other words its pay (more than your opponent) to play. This is how much of the world outside of the United States, Britain, and Western Europe functions, it is practically impossible to get things done or at least done quickly if bribes are not involved.
  • How? I thought torture was disallowed.
  • by iamacat (583406) on Wednesday June 11, 2008 @10:11AM (#23748121)
    They are best off using a large botnet then. Perhaps modify the extortion virus itself so that it's part of solution rather than part of the problem.
  • The sadists who ran Saddam's network of torture and death chambers are out of work at the moment.

    Surely they could be employed to .... persuade these people to talk.

  • 15 million CPU years (Score:4, Interesting)

    by robo_mojo (997193) on Wednesday June 11, 2008 @10:14AM (#23748175)
    15 million CPU years per key? And the attacker can just make up new keys as often as he likes. He could even make a different key for each target if he wanted.

    15 million CPU years is a lot to spend when you could just restore from backups.
  • 1024 bits is big (Score:2, Insightful)

    by steveb3210 (962811) *
    The size of the keyspace doubles per bit, 2^1024 is the size of keyspace.. Brute factoring the key is not happening..
    • Re: (Score:3, Informative)

      by Daimanta (1140543)
      But you don't have to check them all. You can start at the root of the number and go down, skipping even numbers and then some.
      • Re: (Score:3, Interesting)

        by evanbd (210358)
        That would solve it in only 2^511 operations. In actuality, factoring of large numbers is far more efficient than that. The techniques are complex, but they're quite good. That's why a 1024 bit RSA key is considered somewhat small (2048 or 4096 are the norm) but for symmetric key ciphers (where you do have to try all 2^n possible keys) use key sizes of 256 bits or less.
  • by 140Mandak262Jamuna (970587) on Wednesday June 11, 2008 @10:16AM (#23748227) Journal
    We should not help people whose data is held at ransom. Finally they will see the folly in using cheapest software, in the cheapest platform with no regard for security. Companies will start taking insurance against data loss. And the insurance premium will be more for insecure closed proprietary crapware like Windows.

    As long as security is valued at zero dollars when the IT bean counters are evaluating platforms and vendors crapware will proliferate.

    • Re: (Score:3, Interesting)

      by zullnero (833754)
      You seem to forget that Windows isn't cheap at all. Have you ever purchased a site license?

      The real people against the wall are lazy Windows admins, or companies that understaff their IT department (or hire idiots with little formal education or experience on the dime). No one will ever take out insurance against this stuff, and if someone tries to sell it, they may well be the scum behind the ransomware to begin with. What companies will do is force all their IT people to get MS certs, because manage
    • Re: (Score:3, Insightful)

      This one's a Trojan, though, not an exploit. If your platform allows installing general-purpose software then the possible countermeasures (warnings, administrator password prompts, requiring chmod +x, sandboxing) are all kind of flimsy. Sandboxing is at odds with the "general purpose software" part -- imagine that this had been masquerading as a privacy tool that protected your files by encrypting them. Either you have a sandbox the user can't override that blocks legitimate encryption software, or you hav
  • by uab21 (951482) on Wednesday June 11, 2008 @10:16AM (#23748237)
    The screenshot at http://news.cnet.com/8301-10784_3-9965381-7.html?tag=nefd.top [cnet.com] says that the victim pays to download a 'decryptor'. Either the decryptor contacts, in real time, the extortionist (at a server location that can be linked to them), or the private key is included in the decryptor program, and should be able to be sussed out...
    • by steveb3210 (962811) * on Wednesday June 11, 2008 @10:19AM (#23748281)
      The explanation I found on the site isn't quite this simple. The data is encrypted with a randomly-generated symmertic key that is protected with RSA.. You send the bad guys the file with the key in it, they decrpyt it and write a program to decrypt everything..
      • by Kjella (173770) on Wednesday June 11, 2008 @10:43AM (#23748673) Homepage
        Quite simple and very effective and can be done using standard tools:

        1. Encrypt victim's data with random AES key
        2. Store key in body of a PGP message for yourself
        3. Get victim to send you the PGP message
        3. Decrypt PGP message using private PGP key, find AES key
        4. Send AES key to victim - for a price...

        Seriously, this could probably be hacked together in the matter of a few hours if explained to someone knowledgable. The private key never leaves the bad guys. And if they decide the heat is on and torch the operation and set it up elsewhere you're 100% screwed. Trying to crack this must be the most useless operation ever, they could easily make the keys stronger and thousands of years would pass to crack it. In one word: Nasty.
    • by canuck57 (662392)

      The screenshot at http://news.cnet.com/8301-10784_3-9965381-7.html?tag=nefd.top [cnet.com] says that the victim pays to download a 'decryptor'. Either the decryptor contacts, in real time, the extortionist (at a server location that can be linked to them), or the private key is included in the decryptor program, and should be able to be sussed out...

      In which case, setup a sting operation and pay for one. Me, I have no intention of lending my CPU to crack keys for someone who didn't make backups.

  • Leave it be. (Score:3, Insightful)

    by Just Some Guy (3352) <kirk+slashdot@strauser.com> on Wednesday June 11, 2008 @10:18AM (#23748259) Homepage Journal

    So, there are two possibilities here:

    1. People are running crappy software that got hacked, or
    2. People did something dumb like running an .exe that someone mailed them.

    Either way, this seems like a pretty strong (if harsh) lesson for end users. If #1, use better software, like your geek friends have been telling you this for years. That doesn't have to mean installing Ubuntu; it could just mean upgrading from IE6 to Firefox (or IE7), or from Outlook Express to Thunderbird (or Gmail). If #2, then haven't you been told about 1,000 times not to do that? Now do you see why?

    I truly feel bad for people who get nailed for this, in almost exactly the same way I feel bad for my kids when they touch the stove after I've told them it was hot.

  • If we take known data and expose it to this virus, it will encrypt it so well that it takes 15 million computers to figure out the key?

    I assume the folks at Kaspersky labs know what they are doing, but known data? Even if we get several samples of known data and compare it to it's encrypted counterpart, it takes 15 million computers?

    I mean Colossus only had suspected known data, such as, "Nothing to report" and broke the enigma code. That's impressive!
    • by brunes69 (86786)
      I think you need to re-take your "Encryption 101" course. Knowing the data is no help at all in discovering the private key in a public/private key system.

      For example, do you think your SSH password is encrypted the same way every time it crosses the wire? No.

      • Re: (Score:3, Interesting)

        by burris (122191)
        Actually, RSA is vulnerable to chosen plaintext. That is one of the reasons why a signature system encrypts the hash of the document instead of the document itself.

        In this case it is a randomly generated symmetric key that is encrypted so known plaintext won't help. I wonder if the white hats have looked closely at the key generation code. There is a good chance that there isn't much entropy in the keys and the keyspace can be narrowed down enough to make guessing the symmetric key feasible.
    • Re: (Score:2, Informative)

      by Anonymous Coward
      If this is the least bit surprising to you, all I can say is that you are not very up to date with cryptography. Security against a so-called "known plaintext attack" is an absolutely stock standard criteria for ciphers these days. For the last few decades no serious cipher has been substantially weaker against known plaintexts than against random plaintexts.
  • Data recovery (Score:5, Insightful)

    by KevMar (471257) on Wednesday June 11, 2008 @10:25AM (#23748363) Homepage Journal
    So the encryption is sound, but did he just delete the old files after encrypting them or did he scrub the drive too.

    Someone try to undelete the files with a disk recovery tool and see what you get. Just because the file is encrypted does not mean that the original was correctly destroyed.
  • by mkcmkc (197982) on Wednesday June 11, 2008 @10:29AM (#23748437)
    What seems to be missing here, is the realization that if someone has encrypted your files without your permission (supposedly for ransom), there is no reason to trust them to restore the files correctly, and very good reasons not to trust them.

    I suppose if the file in question was something like a manuscript for a novel, where the owner can more or less verify it by eye, and (importantly) there isn't that much downside if our opponent sneaks some changes in, that might be worthwhile. But in general...

  • 1. Track down the virus' creator.
    2. Encrypt his/her data with a similar algorithm plus a key logger.
    3. The keylogger phones home with the key the perpetrator used to decrypt his/her data.
    4. Profit!
  • They might talk, but if there are any passwords involved, they are protected by the 5th amendment from having to divulge them.
  • Is it targeted manually, or is it a specifically directed attack? If it's out in the wild being spread [cough] virally, rather than being inserted into specific targets, then what happens when a mobster's double book accounting system gets infected. Some people have mentioned ruthless CEO's - but if this infected the wrong system, these folks could have someone after them with no restraint, deep pockets, and the resources and experience to root them out. Do I smell a TV movie in the offing?
    • Re: (Score:3, Interesting)

      by jonwil (467024)
      It may sound bad but I actually WANT something like this to be created such that it will spread with the full force of Code Red, Nimda, Blaster, Storm and other massive attacks. 1000s of people and organizations worldwide (some of whom are important and/or have lost important data) would be hit and the world might actually start giving a stuff about computer security.
  • RC4 is easier... (Score:3, Interesting)

    by Panaflex (13191) <convivialdingo AT yahoo DOT com> on Wednesday June 11, 2008 @10:47AM (#23748773)
    Why waste time factoring RSA?? The RSA simply wraps an RC4 key.

    RC4 brute force is far easier. There are several known problems with RC4 which may possibly work to our advantage in cracking the data as well..
    • Re: (Score:3, Interesting)

      by burris (122191)
      Much more promising is the possibility of a lack of entropy in the key selection process. Without a lot of entropy and a good RNG, the size of the probable keyspace may be reduced dramatically. Enough that searching all probable keys may quite feasible, even trivial.
  • by Minwee (522556) <dcr@neverwhen.org> on Wednesday June 11, 2008 @11:34AM (#23749723) Homepage
    Given the choice between fifteen million CPU years spent breaking keys and about ten minutes of breaking fingers, it seems pretty clear which one is more efficient.

This file will self-destruct in five minutes.

Working...