Researchers Point to Flaw in Online Transaction Encryption
FINANCIAL PRIVACYFebruary 17, 2012
Researchers have found a flaw in the algorithm used to encrypt transactions during online banking and shopping, AFP reports. While a team of U.S. and European researchers noted, "We found that the vast majority of public keys work as intended," their report cautions, "A more disconcerting finding is that two out of every one thousand RSA moduli that we collected offer no security." The Electronic Frontier Foundation has called the potential consequences "extremely serious," noting, "In all cases, a weak key would allow an eavesdropper on the network to learn confidential information, such as passwords or the content of messages, exchanged with a vulnerable server."