In its retort against the researchers' paper, RSA said, "We welcome this form of research" because it "contributes to better overall security for everyone," but emphasized "the RSA algorithm has withstood such scrutiny for decades from multiple sources."
RSA went on to say good cryptography "depends on proper implementation. True random-number generation underpins nearly all cryptographic algorithms and protocols, and must be performed with care against the weakening of well-designed cryptography. Our analysis points to the need for better care in implementation, generally tied to embedded devices. We see no fundamental flaw in the algorithm itself, and urge all cryptography users to ensure good implementation and best practices are followed."
RSA also received some measure of support from noted security researcher Dan Kaminsky who Thursday posted a blog about the crypto controversy.
Lenstra and Hughes are prominent cryptographers, and Kaminsky says he considered they had done "excellent survey work" which in total included a look at 11.7 million public keys. But he basically rejected the fundamental thesis of their paper.
"[T]here's just no way we get from this survey work, to the thesis that surrounds it," writes Kaminsky in his blog. He argues that "On the basic level, risk in cryptography is utterly dominated, not by cipher selection, but by key management. The study found 12,720 public keys. It also found approximately 2.94 million expired certificates. And while the study didn't discuss the number of certificates that had no reason to be trusted in the first place (being self signed) it did find 5.4 million PGP keys."
Kaminsky goes on to say much more, including, "What the data from the survey says, unambiguously, is that most keys on the Internet today have no provenance that can be trusted, not even through whatever value the CA [certificate authority] system affords. Key Management - as Whit Diffie himself has said - is the hard problem now for cryptography."
Kaminsky also observes, "This is a paper based on survey work, in which empirically validated existence of an implementation flaw (12,720 crackable keys) is being used to justify a design bias (don't use a multi-secret algorithm). The argument is that multi-secret algorithms cause crackable public keys."
Kaminsky indicated he doesn't buy the conclusions made in the crypto researchers' paper. "I don't mean to be too hard on this paper, which again, has some excellent data and analysis inside. I've been strongly advocating for the collection of data in security, as I think we operate more on assumption and rumor than we'd like to admit. The flip side is that we must take care not to fit our data to those assumptions."
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.
Read more about wide area network in Network World's Wide Area Network section.