Note: Estonia is particularly concerned because they have a neighbor with the technology to break their ID system, and motivation to exploit this.
Ordinarily, I would have said that a cipher which required factoring a 2048-bit number was well beyond the state of the art. The problem here is that knowledge of the public key could be used to reconstruct the private key with a reasonable amount of computation, using existing equipment. This is probably a flaw in the way the cipher was implemented, not in the fundamental theory of RSA. Inverting a cipher based on elliptic curves to discover the private key is currently much less well understood.
This discovery was something of a surprise when it first came out because RSA was not a trivial exercise in amateur cryptography. What has changed recently is that a previous attack has been improved to the point it really could be used.
Next question: how many other chip cards are vulnerable? If the cost of breaking a system is less than the value of the money it protects you can expect change to happen rapidly.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum