They may look harmless but screensavers could betray you while you're out at lunch. Two cryptographers have discovered that the randomness of the "keys" that are used to encode encrypted documents could be their downfall.
The discovery was made by Adi Shamir at the Weizmann Institute of Science in Rehovot, Israel, joint inventor of the widely used RSA public key cryptography system, and Nicko van Someren of nCipher, a British electronic security company based in Cambridge. The more random a private signature key is, the harder it is to crack encrypted files. But by scanning hard drives for chunks of data that are particularly random, the pair found that it is possible to weed out keys stored on a disc.
Most programs organise data into some sort of level of structure, so blocks of randomness stand out and can be spotted with the same ease that a human eye can tell the difference between a good TV picture from one with lots of interference. According to van Someren, this means that even though the keys take up a mere kilobyte of memory, it could take as little as 40 minutes to find a signature key on a modern 10-gigabyte hard drive.
"It would be possible to write a program that searches the hard disc automatically and sends the key to the villain," says van Someren. This, he says, could be carried out by a virus that runs only when the screensaver is on, making it extremely difficult for the user to detect. A running screensaver could contain viral code that would tell a hacker when the user is away from their desk-and thus wouldn't notice the computer slowing down as the virus hunts for keys.
The possibility highlights the need to keep signature keys safe, says Phil Zimmermann, who wrote Pretty Good Privacy (PGP), a popular encryption program that is reckoned to be hard to crack. "Users must never leave their private key exposed in a non-secure environment," he says. "This is as obvious as not leaving your wallet unattended on a bus bench."
Any worthwhile encryption program encrypts the key before storing it, making it useless if found. However, a "swap" file-a temporary file stored on the hard disc-may still hold the key in its unencrypted form, allowing it to be detected by hackers. There are ways to combat this sort of attack, such as overwriting swap files as the PGP program does. But some encryption systems are vulnerable, particularly those on Web servers where the keys are constantly in use.
Author: Duncan Graham-Rowe New Scientist issue 13 March 99
PLEASE MENTION NEW SCIENTIST IF YOU USE THIS ARTICLE.
Journal
The New Scientist