Differences

This shows you the differences between two versions of the page.

--- public:papers:acsac2017 [2017-12-04 19:54] – [Q&A section] xnemec1
+++ public:papers:acsac2017 [2022-10-12 08:52] (current) – xsvenda
@@ Line 13: / Line 13: @@
   * Conference page: [[https://www.acsac.org/2017/ | ACSAC 2017]] | [[https://www.acsac.org/2017/openconf/modules/request.php?module=oc_program&action=summary.php&id=106 | Paper page]]
   * Download author pre-print of the paper: {{ :public:papers:acsac2017_nemec_rsa_fingerprints.pdf | pdf}}
-  * Download presentation: {{ fixme | pdf}}
+  * Download presentation: {{ :public:papers:acsac-nemec-handout.pdf | Handout-PDF}} | {{ :public:papers:acsac-nemec.pdf | Conference-PDF }}
 **Bibtex (regular paper)**
   @inproceedings{2017-acsac-nemec,
-    Author        = {Matus Nemec and Dusan Klinec and Petr Svenda and Peter Sekan and Vashek Matyas},
+    author = {Nemec, Matus and Klinec, Dusan and Svenda, Petr and Sekan, Peter and Matyas, Vashek},
-    Title         = {Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans},
+    title = {Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans},
-    BookTitle     = {Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC'2017)},
+    booktitle = {Proceedings of the 33rd Annual Computer Security Applications Conference},
-    Year          = {2017},
+    series = {ACSAC 2017},
-    Pages         = {??--??},
+    year = {2017},
-    ISBN          = {??},
+    isbn = {978-1-4503-5345-8},
-    Publisher     = {ACM}
+    pages = {162--175},
+    url = {http://doi.acm.org/10.1145/3134600.3134612},
+    doi = {10.1145/3134600.3134612},
+    publisher = {ACM}
   }
@@ Line 32: / Line 35: @@
   * Measurement (classification) tool: [[https://github.com/crocs-muni/classifyRSAkey | GitHub link]]
-  * RSA keys from reference libraries: [[https://drive.google.com/drive/u/3/folders/0B0PpUrsKytcyMllkUHJ0RkZkdzA | Google Drive link]]
+  * {{fa>database}}\_//// [[https://owncloud.cesnet.cz/index.php/s/Ihhw3BKKzKTaxB9|Dataset of all collected RSA keys (39GB)]]
   * Data processing (TLS, PGP): [[https://github.com/crocs-muni/acsac2017-data-tools | GitHub link]]
   * Data processing (Certificate Transparency): [[https://github.com/crocs-muni/acsac2017-certificate-transparency-java | GitHub link]]
@@ Line 42: / Line 45: @@
 ==Q: Does it mean the biased RSA key generation methods are broken?==
-A: No, in general, the bias is not enough for key factorization. However, we did break the Infineon implementation in our recent paper [[https://crocs.fi.muni.cz/public/papers/rsa_ccs17 | The Return of Coppersmith's Attack (ROCA)]]
+A: No, in general, the bias is not enough for key factorization. However, we did break the Infineon implementation in our recent paper [[https://crocs.fi.muni.cz/public/papers/rsa_ccs17 | The Return of Coppersmith's Attack (ROCA)]].
+==Q: What parts of an RSA public key are biased?==
+A: We extract an 8-bit feature vector from a public modulus N: we use the remainder of division of the modulus N modulo 3, remainder modulo 4, and the 2nd to 7th most significant bits of the modulus.
+{{:public:papers:acsac2017_explain_mask_openssl.png?400|}}
+==Q: What was the motivation for the measurement?==
+A: We developed a method for probabilistic classification of keys based on their source in our paper [[https://crocs.fi.muni.cz/public/papers/usenix2016 | The Million-Key Question]] at [[https://www.usenix.org/node/197198 | USENIX Security 2016]]. However, we were missing an accurate estimation of library popularity and could not find any papers accomplishing that. We also needed to measure the impacts of [[https://crocs.fi.muni.cz/public/papers/rsa_ccs17 | ROCA vulnerability]] and this is a general method for such measurements.
 ==Q: What libraries did you analyze? Can you tell all libraries apart?==
@@ Line 48: / Line 59: @@
 {{:public:papers:acsac2017_dendrogram.png?600|}}
+==Q: Does popularity of libraries change in time?==
+A: Yes, for one, the number of OpenSSL keys increases significantly.
+{{:public:papers:acsac2017_intime.png?800|}}
 ==Q: I want to know the popularity of library X, why wasn't it included? ==
-A: To suggest other sources that we can add to our analysis, please get in touch with us. If you can also provide keys generated by hardware, open-source and proprietary libraries, we will add them to the [[https://drive.google.com/drive/u/3/folders/0B0PpUrsKytcyMllkUHJ0RkZkdzA | Collection of RSA keys from reference libraries]]
+A: To suggest other sources that we can add to our analysis, please get in touch with us. If you can also provide keys generated by hardware, open-source and proprietary libraries, we will add them to the [[https://drive.google.com/drive/u/3/folders/0B0PpUrsKytcyMllkUHJ0RkZkdzA | Collection of RSA keys from reference libraries]].
+==Q: Why can't you associate a key with its source with certainty?==
+A: The features extracted from the keys are not unique. Different (groups of) libraries can produce keys with the same features. Only the distribution of the features differs, as illustrated here:
+{{:public:papers:acsac2017_reference.png?800|}}
+==Q: What is the accuracy of the measurement?==
+A: We performed simulations to determine the accuracy. The expected error of the measurement was within 1 percentage point of the estimation (e.g., OpenSSL being estimated at 70% means that we expect it to be between 69% and 71%). The error might be larger in some cases, however the ground truth is not always known. Our estimation of ROCA vulnerable keys in a PGP dataset was at 0.10%, that is within 0.02 percentage points from the correct proportion found by a much more reliable method specific to the ROCA keys.