A Comprehensive Study of Backdoors for RSA Key Generation
نویسندگان
چکیده
Young and Yung devised various backdoors for RSA key generation. However, due to their backdoor constructing method, the two MSBs of the modulus n generated by their systems have di¤erent distribution than that generated by the normal RSA. Thus, someone may observe the abnormal distribution of n to detect the existence of backdoors. Recently, Crepéau and Slakmon further suggested four simple ways to construct RSA backdoor mechanisms. Although their schemes have roughly the same running time as the normal RSA, they are still not StrongSETUPs. Hence, in this paper, we propose three RSA backdoor cryptosystems. The rst two, RSA-SBLT and RSA-SBES, have the same advantages as Crépeau and Slakmons RSA-HP but provide new ways to construct the backdoors. As for our third backdoor cryptosystem, RSA-BDH, we exploit the relationship between p and q to devise a backdoor which can solve the problem occurring in Young and Yongs methods successfully. Moreover, we prove that RSA-BDH is a real Strong-SETUP based on DH assumption.
منابع مشابه
Simple Backdoors on RSA Modulus by Using RSA Vulnerability
This investigation proposes two methods for embedding backdoors in the RSA modulus N = pq rather than in the public exponent e. This strategy not only permits manufacturers to embed backdoors in an RSA system, but also allows users to choose any desired public exponent, such as e = 216 +1, to ensure efficient encryption. This work utilizes lattice attack and exhaustive attack to embed backdoors...
متن کاملYYGen : A Backdoor - Resistant RSA Key Generator ∗
In this chapter we present an algorithm that generates RSA key pairs in such a way that the subliminal channel in the RSA modulus n is significantly reduced. We refer to this key generator as YYGen. YYGen takes as input an RSA public exponent e that we assume is fixed and shared among all users. The key generation and verification process is as follows. A user generates a key pair, sends the pu...
متن کاملInformation Hiding in the Public RSA Modulus
The manufacturer of an asymmetric backdoor for a public key cryptosystem manipulates the key generation process in such a way that he can extract the private key or other secret information from the user’s public key by involving his own public/private key pair. All backdoors in major public key cryptosystems, including RSA, differ substantially in their implementation approaches and in their q...
متن کاملChapter 10 : An Elliptic Curve Asymmetric Backdoor in OpenSSL RSA Key Generation ∗
In this chapter we present an experimental implementation of an asymmetric backdoor in RSA key generation. The implementation is written in ANSI C. We codified what it means for an asymmetric backdoor to be secure (for the designer) in our definition of a secretly embedded trapdoor with universal protection (SETUP). The main properties of a SETUP are: (1) the complete code for the backdoor does...
متن کاملSimple Backdoors for RSA Key Generation
We present extremely simple ways of embedding a backdoor in the key generation scheme of RSA. Three of our schemes generate two genuinely random primes p and q of a given size, to obtain their public product n = pq. However they generate private/public exponents pairs (d, e) in such a way that appears very random while allowing the author of the scheme to easily factor n given only the public i...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006