Open Access Journal Article
Twenty Years of Attacks on the RSA Cryptosystem
TLDR
A simplified version of RSA encryption is described, and a malicious attacker wishing to eavesdrop or tamper with the communication between Alice and Bob is used to illustrate the dangers of improper use of RSA.
Abstract:
Introduction

The RSA cryptosystem, invented by Ron Rivest, Adi Shamir, and Len Adleman [18], was first publicized in the August 1977 issue of Scientific American. The cryptosystem is most commonly used for providing privacy and ensuring authenticity of digital data. These days RSA is deployed in many commercial systems. It is used by Web servers and browsers to secure Web traffic, it is used to ensure privacy and authenticity of e-mail, it is used to secure remote login sessions, and it is at the heart of electronic credit card payment systems. In short, RSA is frequently used in applications where security of digital data is a concern.

Since its initial publication, the RSA system has been analyzed for vulnerability by many researchers. Although twenty years of research have led to a number of fascinating attacks, none of them is devastating. They mostly illustrate the dangers of improper use of RSA. Indeed, securely implementing RSA is a nontrivial task. Our goal is to survey some of these attacks and describe the underlying mathematical tools they use.

Throughout the survey we follow standard naming conventions and use “Alice” and “Bob” to denote two generic parties wishing to communicate with each other. We use “Marvin” to denote a malicious attacker wishing to eavesdrop or tamper with the communication between Alice and Bob.

We begin by describing a simplified version of RSA encryption. Let $N = pq$ be the product of two large primes of the same size ($n/2$ bits each). A typical size for $N$ is $n = 1024$ bits, i.e., 309 decimal digits. Each of the factors is 512 bits. Let $e, d$ be two integers satisfying $ed = 1 \bmod \varphi(N)$, where $\varphi(N) = (p - 1)(q - 1)$ is the order of the multiplicative group $\mathbb{Z}_N^*$. We call $N$ the RSA modulus, $e$ the encryption exponent, and $d$ the decryption exponent. The pair $\langle N, e \rangle$ is the public key. As its name suggests, it is public and is used to encrypt messages. The pair $\langle N, d \rangle$ is called the secret key or private key and is known only to the recipient of encrypted messages. The secret key enables decryption of ciphertexts.

A message is an integer $M \in \mathbb{Z}_N^*$. To encrypt $M$, one computes $C = M^e \bmod N$. To decrypt the ciphertext, the legitimate receiver computes $C^d \bmod N$. Indeed, $C^d = M^{ed} = M \bmod N$,
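The simplified scheme described in the abstract, written out as an added example (it is not code from the paper). The primes 61 and 53, the exponent 17, and all function names are constructed for illustration; the check at the end walks every $M \in \mathbb{Z}_N^*$ to confirm $C^d = M^{ed} = M \bmod N$.

```python
from math import gcd


def keygen(p, q, e):
    """Build a simplified RSA key pair from primes p, q and exponent e."""
    N = p * q
    phi = (p - 1) * (q - 1)      # order of the multiplicative group Z_N^*
    if gcd(e, phi) != 1:
        raise ValueError("e has no inverse modulo phi(N)")
    d = pow(e, -1, phi)          # d such that e*d = 1 mod phi(N)
    return (N, e), (N, d)        # public key <N, e>, private key <N, d>


def encrypt(pub, M):
    """C = M^e mod N."""
    N, e = pub
    if not 0 <= M < N:
        raise ValueError("message must be an integer in [0, N)")
    return pow(M, e, N)


def decrypt(priv, C):
    """M = C^d mod N."""
    N, d = priv
    return pow(C, d, N)


def roundtrip_holds(pub, priv):
    """Check C^d = M^(ed) = M mod N for every M in Z_N^*."""
    N, _ = pub
    return all(
        decrypt(priv, encrypt(pub, M)) == M
        for M in range(1, N)
        if gcd(M, N) == 1
    )


# Constructed toy parameters (illustration only; the abstract's typical
# modulus is 1024 bits with 512-bit factors).
PUB, PRIV = keygen(61, 53, 17)

if __name__ == "__main__":
    C = encrypt(PUB, 65)
    print("public key:", PUB, "private key:", PRIV)
    print("ciphertext of 65:", C, "decrypts to:", decrypt(PRIV, C))
    print("round trip holds for all of Z_N^*:", roundtrip_holds(PUB, PRIV))
```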
Citations
Journal Article
Hacking commercial quantum cryptography systems by tailored bright illumination
Lars Lydersen, Carlos Wiechers, Christoffer Wittmann, Dominique Elser, Johannes Skaar, Vadim Makarov
TL;DR: By using bright pulses of light to ‘blind’ the avalanche photodiode detectors used in quantum cryptography equipment, scientists in Europe have shown that it is possible to tracelessly steal the secret encryption key generated by such systems and thus compromise their security.
Proceedings Article
Plutus: Scalable Secure File Sharing on Untrusted Storage
TL;DR: The mechanisms in Plutus to reduce the number of cryptographic keys exchanged between users by using filegroups, distinguish file read and write access, handle user revocation efficiently, and allow an untrusted server to authorize file writes are explained.
Proceedings Article
TinyPK: securing sensor networks with public key technology
TL;DR: The design and implementation of public-key-(PK)-based protocols that allow authentication and key agreement between a sensor network and a third party as well as between two sensor networks are described.
Book
Modern Cryptography: Theory and Practice
TL;DR: This book explains why "textbook crypto" is only good in an ideal world where data are random and bad guys behave nicely, and reveals the general unfitness of "textbook crypto" for the real world by demonstrating numerous attacks on such schemes, protocols and systems under various real-world application scenarios.
Journal Article
Tree-based group key agreement
TL;DR: This work investigates a novel group key agreement approach which blends key trees with Diffie-Hellman key exchange and yields a secure protocol suite called Tree-based Group Diffie-Hellman (TGDH) that is both simple and fault-tolerant.
References
Journal Article
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Book
Handbook of Applied Cryptography
TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access to information and includes more than 200 algorithms and protocols.
Book
An Introduction to the Theory of Numbers
TL;DR: The fifth edition of An Introduction to the Theory of Numbers has been published, and the main changes are in the notes at the end of each chapter, where the author seeks to provide up-to-date references for the reader who wishes to pursue a particular topic further and to present a reasonably accurate account of the present state of knowledge.
Book Chapter
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
TL;DR: By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems.