From: anon-remailer@utopia.hacktic.nl (Anonymous)
To: cypherpunks@toad.com
Message Hash: 3bfe76fe75432581e5ed5edabbb9106aa400ecf2964108e53d91174db3978df8
Message ID: <199508171435.QAA05353@utopia.hacktic.nl>
Reply To: N/A
UTC Datetime: 1995-08-17 14:35:16 UTC
Raw Date: Thu, 17 Aug 95 07:35:16 PDT
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Thu, 17 Aug 95 07:35:16 PDT
To: cypherpunks@toad.com
Subject: UK Independent on SSL crack
Message-ID: <199508171435.QAA05353@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain
from the "ukpipeline" :-)
>>>>>>>>>>>>>>>>>>>>
UK Indpendent newspaper, 17/8/1995
Internet's 30bn Pound Secret Revealed
Charles Arthur
Technology Correspondent
A French student has cracked the most commonly used encryption system
used to pass financial transactions over the Internet, threatening a
business forecast to be worth billions of pounds worldwide.
Damien Doligez, 27, a PhD student at the Inria research centre near
Paris, broke a software "key" used by the Netscape browsing program,
which lets users navigate the World Wide Web.
With Netscape, Internet users can visit shopping "sites" on the Web and
order goods by sending their credit card and address over the network to
the site. To prevent anyone picking up those confidential details as
they pass through the network, they are encrypted first using a software
"key". This is the system used for example by Barclays Bank's
"BarclaySquare" project, launched in May, which offers access to eight
major retailers. Market research companies forecast that money
transmission over the Internet will be worth more than 30bn pounds by
2005.
At the launch of BarclaySquare, Roger Alexander, managing director of the
unit said: "The encryption method has been rigorously tested by us". But
Mr. Doligez has compromised that security by decoding a test example of
an encrypted transaction, posted on a number of Internet discussion
groups in July.
The transaction was scrambled using a digital key 40 bits long, which
offers about 1,000 billion ( a million million) possible combinations.
Mr Doligez harnessed spare time on 120 workstations and parallel
computers. The computers turned up the answer after eight days.
"I wouldn't trust my credit card number to Netscape," Mr Doligez told the
Independent from Paris yesterday.
Netscape Communications, whose flotation on the New York Stock Exchange
raised more than $1bn, said "We have always said this would be
theoretically possible."
[end]
Return to August 1995
Return to “anon-remailer@utopia.hacktic.nl (Anonymous)”
1995-08-17 (Thu, 17 Aug 95 07:35:16 PDT) - UK Independent on SSL crack - anon-remailer@utopia.hacktic.nl (Anonymous)