counter Skip to content

SSL cracked

logomacitynet1200wide 1

The dreaded (by hackers) and respected (by whom the security of communications) SSL encryption standard was violated. A team of researchers from the Swiss Federal Institute of Telecommunications in Lausanne led by Professor Serge Vaudenay succeeded in the undertaking that, according to all, or almost all, seemed impossible.

The news, which would be very worrying if it referred to the SSL (Secure Socket Layer) system that is used to encrypt communications of confidential data on the Internet and from e-commerce sites, does not have to raise alarm.

SSL cracked by exploiting a bug the version used to encrypt the electronic pose, has a limited use and in addition the alleged hacker must be in control of a network computer placed halfway between the two machines that are communicating.

In addition to this, as the most sensational and recent cases of data breach on the Internet demonstrate, hackers prefer and find it easier to violate the data contained in the HD than to 'intercept' the communications and try to decrypt them while passing from a machine to 'else.

But despite this, many security experts believe the news to be of great importance in general terms. It is proof that even compressed algorithms such as those underlying SSL can be decoded and read and, above all, how it is always necessary to work to implement communication security and the ability to protect privacy.

"As an individual who should be concerned about protecting the security of my communications," said Bruce Schneir of the Counterpane Internet Security agency referring to what the Federal Institute of Lausanne was able to do "I would not be worried. As a cryptography expert, however, I am very impressed. It was a great job '