The longest encryption key was broken; it only took 35 million hours: new world record

A team of information security researchers just cracked the most complex cryptographic algorithm ever attempted. Although this is a much less complex code than cryptography used in the world of cybersecurity, this is considered by many to be a leading achievement in the field of computing.

Employing multiple computers working simultaneously distributed around the world, the researchers invested the equivalent of 35 million hours of computational processes to realize decryption within a relatively reduced time frame.

To generate the computer and mathematical problem to be solved, information security researchers used the RSA algorithm, named after its creators Ron Rivest, Adi Shamir and Leonard Adleman. In this algorithm, two parties encrypt the information using a huge number, created from the multiplication of two prime numbers together.

Any math expert knows that there are endless methods to quickly know if a very large number is divisible by 9, 11, etc. However, when advancing to numbers like 17 or 19 things get complicated, so in these cases it is only necessary to verify by trial and error, making the work of finding the next value of the algorithm incredibly complex. How do we know by which combination of prime numbers we can get 667? The answer is to multiply 23 and 29, but this is only obtainable by trial and error.

Another variant that adds more complexity to decryption are the semi-prime numbers, obtained from the multiplication of two primes; these numbers are not divisible by any compound number and their factors are 1, the two prime numbers and the number itself. “Usually there is some indicator to know how to start separating a compound number, the large and semi-prime numbers do not tell us anything”, information security experts mention.

Although it is a feasible mathematical process, computing capacity adds even more complexity. By running programmed algorithms, a computer could continue to test new combinations via brute force until the correct one is found, although it must still be considered that the algorithm employs combinations of prime numbers, so there are billions and even trillions of possible combinations.

The mathematical complexity of RSA encryption is the main reason why it is possible to publicly share these keys, as only a user in possession of one of the two multiples could easily determine what the second multiple is. From then on, dividing these gigantic numbers (more than 200 figures) will be their own task.

According to information security specialists from the International Institute of Cyber Security (IICS), this group of researchers broke their own record in both encryption complexity and resolution time, as this occasion they managed to solve a 240-digit problem in less time than it took them to solve a 232-digit problem before.

This gigantic number (with 795-bit cryptographic key) is barely equivalent to a third of the 2048-bit encryption employed by most computers, so the encryption used in practice is still far from being resolved using similar methods, however, this is a race and it could be a matter of time before new methods to break with encryption are revealed.