public:papers:secrypt2019 [2019-05-13 12:53] – created x408178 | public:papers:secrypt2019 [2022-01-19 12:53] – [Other materials] x408178 | ||
Line 1: | Line 1: | ||
- | ajh,jkadf | + | ====== I want to break square-free: |
+ | ~~NOTOC~~ | ||
+ | |||
+ | < | ||
+ | <col xs=" | ||
+ | <TEXT size=" | ||
+ | |||
+ | \_{{fa> | ||
+ | |||
+ | {{fa> | ||
+ | |||
+ | {{fa> | ||
+ | </ | ||
+ | </ | ||
+ | |||
+ | <col xs=" | ||
+ | <TEXT align=" | ||
+ | |||
+ | <button type=" | ||
+ | |||
+ | <button type=" | ||
+ | |||
+ | <button collapse=" | ||
+ | </ | ||
+ | </ | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | @conference{secrypt19, | ||
+ | | ||
+ | | ||
+ | | ||
+ | 2019) - Volume 2: SECRYPT, | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | **Abstract: | ||
+ | |||
+ | In this paper, we analyze Cheng' | ||
+ | ===== Key insights ===== | ||
+ | |||
+ | The contributions of the paper are the following: | ||
+ | * We analyze and improve a factorization method of integers of special form pq, where p,q are primes and the square-free part of 4p-1 is small. If an RSA key is generated in this form, an attacker can easily factor a modulus with bit length 2048 (and even more). | ||
+ | * If an RSA key is generated properly, such vulnerability almost never occurs. Thus if such a vulnerability is present, it was intentionally created. | ||
+ | * We devised and analyzed several possible methods of detecting such a backdoor and applied these on 44 millions of RSA keypairs generated by 18 different types of cryptographic devices. | ||
+ | * Even though we did not find any indication of a backdoor on the examined devices, we showed that generating vulnerable keys is possible by a clever attacker. | ||
+ | |||
+ | |||
+ | ===== Other materials and notes===== | ||
+ | * [[https:// | ||
+ | * ERRATA: The final estimates in Section 5.1 of the paper are flawed. Please see pages 26-27 in [[https:// | ||
+ | * There has been a quite interesting timeline of developments related to the method. In 2002, Cheng published [[https:// | ||
+ | ===== Acknowledgements ===== | ||
+ | We acknowledge the support of the Czech Science Foundation, project GA16-08565S. V.Sedlacek was also supported by the Brno Ph.D. Talent Scholarship (funded by the Brno City Municipality). The access to the computing and storage resources of National Grid Infrastructure MetaCentrum (LM2010005) is greatly appreciated. |
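Review bot: the second Key insights bullet ("If an RSA key is generated properly, such vulnerability almost never occurs. Thus if such a vulnerability is present, it was intentionally created.") draws a strong conclusion from a probability claim, while the ERRATA bullet added in this same revision states that the final estimates in Section 5.1 of the paper are flawed; if the "almost never occurs" claim rests on those Section 5.1 estimates, the bullet should say so and point to the errata (pages 26-27 of the linked document) so that the summary is not stronger than the corrected paper. Minor wording in the third bullet: "applied these on 44 millions of RSA keypairs" reads better as "applied them to 44 million RSA keypairs".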