A SCIENTIST AT Bell Labs, the research and development wing of Lucent Technologies, has discovered a flaw in the Digital Signature Algorithm (DSA) that could affect the integrity of secure transactions on the Internet and adversely impact VPNs (virtual private networks), . . .
A SCIENTIST AT Bell Labs, the research and development wing of Lucent Technologies, has discovered a flaw in the Digital Signature Algorithm (DSA) that could affect the integrity of secure transactions on the Internet and adversely impact VPNs (virtual private networks), online shopping, and online financial transactions.

Daniel Bleichenbacher, a member of Bell Labs' Information Sciences Research Center, discovered a glitch in the random number generation technique used with the DSA, according to the company in a statement. He learned that the DSA's random number generator was biased and was twice as likely to pick a set of numbers from one range than from another.

The U.S. National Security Agency designed DSA and it is one of three authentication algorithms approved for generating and verifying digital signature under the Digital Signature Standard. Digital signatures allow software at the end of an electronic transaction to confirm the identity of the party initiating the transaction and to verify the integrity of the information received.

The link for this article located at InfoWorld is no longer available.