Q

Is it possible to crack the public key encryption algorithm?

Is it possible to create a PKI encryption key that is unbreakable? IAM expert Randall Gamby weighs in.

Is the public key infrastructure (PKI) unbreakable if properly installed and operated?

The answer to this question is: Yes. It is possible to crack the public key encryption algorithm. The crucial element in any security tool like PKI is the cryptographic or hash algorithm used to generate the technology's private and public keys, or digital signatures. In this case, it is the length of the keys used that defines the strength of the algorithm. By using a limited bit length to generate the keys, or the digital signature, it increases the likelihood that a brute-force attack -- where an intruder tests every possible key combination to break the cryptographic or hash algorithm -- will succeed.

Remember that if an attacker uses brute force, the computing power needed to break the algorithm increases exponentially with the length of the key. For example, a 32 bit-length key requires 232 combinations; a key of this length can be easily broken with today's computing power. Even a 512 bit-length key can be broken by large governments or university research groups within a few months. In theory, any cryptographic method can be broken by trying all possible combinations. Fortunately, at the moment, a PKI system using long-length keys (i.e. 2,048 bits) is practically unbreakable due to the level of computing power and time it would take to break the encryption -- if, as you mention, it's properly installed and operated.

More on this topic

This was first published in January 2010

Dig deeper on PKI and Digital Certificates

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close