It took two months, but employing as many as 3,000 CPUs, researchers have found a way to place backdoors in the cryptographic keys that protect websites, virtual private networks and internet servers, according to Ars Technica.
By injecting the undetectable backdoor in the 1,024-bit keys used in the Diffie-Hellman key exchange, hackers would be able to "decrypt hundreds of millions of encrypted communications as well as cryptographically impersonate key owners," the article stated
Once believed impenetrable because of its use of large prime numbers, researchers devised a special prime that made the process easier. The implication is that actors looking to decrypt communications might now have a way to unscramble the discrete logarithm.
"We are showing that trapdoored primes that would allow an adversary to efficiently break 1,024-bit keys are completely feasible," Nadia Heninger, one of the researchers at the University of Pennsylvania participating in the study, told Ars.
