E-commerce security flaw found

2012-02-16 14:00
San Francisco - Researchers on Wednesday revealed a flaw in the way data is scrambled to protect the privacy of online banking, shopping and other kinds of sensitive exchanges.

A program used to generate random number sequences for encrypting digital information worked properly 99.8% of the time, meaning that two out of every 1 000 "keys" wouldn't thwart crooks or spies, the report warned.

"We found that the vast majority of public keys work as intended," said a report based on work by a team of US and European researchers led by Arjen Lenstra of Ecole Polytechnique Federale de Lausanne (EPFL).

"A more disconcerting finding is that two out of every 1 000 RSA moduli that we collected offer no security."

Online rights champion Electronic Frontier Foundation (EFF) supplied key data for the research, and said that Lenstra's team found tens of thousands of keys that essentially failed to guard data in supposedly encrypted online sessions.

"The consequences of these vulnerabilities are extremely serious," the EFF's Dan Auerbach and Peter Eckersley said in a blog post.

"In all cases, a weak key would allow an eavesdropper on the network to learn confidential information, such as passwords or the content of messages, exchanged with a vulnerable server."

Hackers could also pose as trusted websites, such as an online bank, in what are referred to as man-in-the-middle attacks, according to the EFF.

The non-profit EFF said it is working "around the clock" with EPFL to warn operators of computer servers using encryption keys offering no protection.
Read more on:    e-commerce  |  cybercrime

Join the conversation!

24.com encourages commentary submitted via MyNews24. Contributions of 200 words or more will be considered for publication.

We reserve editorial discretion to decide what will be published.
Read our comments policy for guidelines on contributions.

linking and moving

2015-04-22 07:36

24.com publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
Comments have been closed for this article.

Inside News24


Meet instagram star, Pumpkin the racoon

With 300 000 followers and growing Pumpkin is winning over the internet!



The cats that cost R35 000
Miley Cyrus can’t get enough of her new puppy
13 guilty pets
Meet SA's top poacher-catcher

Book flights

Compare, Book, Fly

Traffic Alerts

Plant some seeds. Your innovative mind is on fire and your ingenious ideas may just be the seeds for future projects. You may meet...read more

There are new stories on the homepage. Click here to see them.


Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.


Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.

Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.