Open source fans break strong encryption

597 computers get stuck into a feat of number crunching madness. Will Knight reports

A group of French scientists joined forces with open source enthusiasts this week and claim to have broken a public encryption key of unprecedented strength (108-bit), snatching a world's first in code-breaking. It took 597 different computers, 6 months of number crunching to crack the encryption.

The code breaking stunt is part of a challenge set by cryptographic technology firm Certicom which offered a cash prize of $10,000 (£6,200) for the successful code smasher. The encryption is based on a one way maths problem with just two answers. The two lucky individuals who managed to find the these will receive $1,000 each, but $8,000 of the prize money is to be donated to the Free Software Foundation.

Scientists at the French National Institute for Research in Computer Science (INRIA) created software for the Linux and Windows operating systems capable of using idle PC processing power to contribute via the Internet to the massive number crunching effort needed to crack the encryption. These were connected to a number of super computers dedicated to trying to find the results.

Certicom says it will take a couple of days to confirm the code has been broken and will then make an official announcement.

Public key encryption is the sort of cryptography used to secure communication over the Internet as well as online transactions.

Certicom's encryption is, however, based on an eliptic curve cryptography (ECC) which is different to the more commercially prevalent RSA variant. Certicom hopes this project will help to demonstrate how secure eliptic curve cryptography.

164 ECC is roughly equivalent in strength to 1024 RSA, a common commercial standard, meaning that the same level of security can be achieved with using ECC with far less effort.

This is in fact just the latest code-cracking accomplishment by INRIA and contributors. The key found this week was 108 bits in length and in September of last year, the group found a key 80 bits in length.

What do you think? Tell the Mailroom. And read what others have said.