Reverse engineering cracks Windows encryption

Reports that Israeli academics have reverse-engineered a critical component of Windows' encryption technology and found it crackable have been met with hot denials from Microsoft. Is the company claiming that a major vulnerability is actually ... a feature? In a paper published earlier this month, Benny Pinkas from the University of Haifa and two Hebrew […]

Share online:

Reports that Israeli academics have reverse-engineered a critical component of Windows' encryption technology and found it crackable have been met with hot denials from Microsoft. Is the company claiming that a major vulnerability is actually ... a feature?

In a paper published earlier this month, Benny Pinkas from the University of Haifa and two Hebrew University graduate students, Zvi Gutterman and Leo Dorrendorf, described how they recreated the algorithm used by Windows 2000's pseudo-random number generator (PRNG). They also spelled out vulnerabilities in the CryptGenRandom function, which calls on the algorithm.

Windows and its applications use the PRNG to create random encryption keys, which are in turn used to encrypt files and e-mail messages, and by the Secure Socket Layer protocol. SSL secures virtually every important Internet data transmission, including information from consumers to online retailers, and from bank customers to their online accounts.

Full Article

Security, Encryption, Windows, Component, Reverse-engineering

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.