Government agencies and computer code experts are nervous about a crack said to be found in a commonly-used Internet encryption technique, the hash function, which scrambles online transmissions that include credit information, Social Security numbers, and other personal information.
"Our heads have been spun around," said encryption supplier PGP Corp.'s chief technology officer, Jon Callas, to the Wall Street Journal March 16.
The hash method involves an algorithm and generates "digital fingerprints" through an equation on pieces of information, switching some of the bits' order, and reducing the result to a fixed length to produce the "print," the paper said.
The flaw was said to be detected by a team of Chinese researchers who discovered the hash function is not as resistant to hacking or cracking as previously believed, though Johns Hopkins University security expert Avi Rubin told the Journal their findings haven't hit the panic button just yet.
"(But) it's definitely a wakeup call," Rubin told the paper.
The Journal said the Chinese researchers' finding "calls into question the credibility of the popular encryption method, despite what are believed to be remote chances of abuse."
