Some keys provide no security; businesses should be vigilant
A team of mathematicians has found that four out of every 1,000 public keys protecting web email, online banking and other areas of the internet provide no data security. This means that companies providing SSL certificates, code signing digital certificates and similar products should consistently check that their certificates and keys are working as intended.
"The fact is, if these numbers had the entropy that they were supposed to have, the probability of even one of these events happening in 7 million public keys would be vanishingly small," James P. Hughes, an independent cryptographer who participated in the research, told Ars Technica. "We thought that was rather startling."
The results, which came from analyzing 7.1 million keys, were presented at a cryptography conference in August. A separate group of researchers found similar results, according to the news source.
When it comes to data security, companies need to go further than SSL certificates and PCI compliance to make sure everything is completely safe, especially with new advancements in online technology arriving every day.