1 / 16

A Creative Way of Breaking RSA

Azeem Jiva. A Creative Way of Breaking RSA. Overview. What is RSA? Public Key Algorithm Is it secure? Ways to break RSA Discover the Public Key Number Field Sieve. What is RSA?. RSA is named after its Inventors Public Key Algorithm Variable Key Length

jersey
Download Presentation

A Creative Way of Breaking RSA

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Azeem Jiva A Creative Way of Breaking RSA

  2. Overview • What is RSA? • Public Key Algorithm • Is it secure? • Ways to break RSA • Discover the Public Key • Number Field Sieve

  3. What is RSA? • RSA is named after its Inventors • Public Key Algorithm • Variable Key Length • 512bits, 1024bits are most common • 2048bits, 4096bits are extreme • Variable Plaintext Length • Ciphertext Length same as Key Length • RSA is slow, used mostly to encrypt second key

  4. Definitions • Relative Prime • No common divisors except for 1 • Sometimes called Coprime and Strangers [2] • e.g. 3 and 5 • Multiplicative Inverse • Number which multiplied by another number gives you one [3]

  5. How RSA Works • Need Public and Private Key • Don't tell anyone the Private Key! • To create Public Key need two large primes • P and Q; 256bits each • Multiply them together, result is N • ø(N)=(P-1)(Q-1) • Find E relative prime to ø(N) • Public Key is (E,N)

  6. Private Key and Encryption • Need to find multiplicative inverse of: • D = E mod ø(N) • Private Key is (D, N) • Now you can encrypt • Ciphertext c = ME mod N • And decrypt • M = CD mod N • And sign messages • S = MD mod N

  7. Is RSA Secure? • Fundamental Tenent of Cryptography • Difficult to factor, but there are other ways • “Wait”/”Attack” • RSA-155 (512bits) was broken in 7 months [1] • Took 8700 MIPS years • Estimated time till factored [1] • 768bits – 2010 • 1024bits – 2018

  8. Breaking RSA • Quadratic Sieve • Previous way • Number Field Sieve • Currently the fastest way • O{exp[c(log n)1/3 (log log n)2/3]} • Can be parallelized on multiple machines • Interesting work by Dan Bernstein • http://cr.yp.to/papers/nfscircuit.ps

  9. Number Field Sieve • Four main steps • Polynomial Selection • Sieving • Linear Algebra • Square Root • The Sieving is the most time consuming

  10. Polynomial Selection • Select two irreducible polynomials (Primes) • F1(x) • F2(x) • They have a common root • M mod N

  11. Sieving • Finds two numbers that are relatively prime • GCD(a,b) = 1 • Both numbers are smooth over factor bases • B deg(f1) f1 (a/b) • B deg(f2) f2 (a/b) • These two numbers are “relations” • Find as many of these “relations” so that several subsets S with property X2≡ Y2 (mod n) can be found

  12. Linear Algebra • Filters the results from Sieving • Remove duplicates • Remove relations that do not occur anywhere else • Certain relations are merged • Eliminate primes and prime ideals which occur exactly k times in k situations • Use a Lanczos Algorithm • Most time consuming of Linear Algebra Step

  13. Square Root • Computes Square Roots • a is the root of a polynomial f1(x), f2(x) • a – ba have smooth norms • Cardinality of S is in the millions

  14. Projects • NFS Net • http://www.iaeste.dk/~henrik/projects/nfsnet.html • Lattice Siever • http://www.lehigh.edu/~bad0/nfs2-137.html

  15. Factoring Records

  16. References • Factorization of a 512-bit Modulus, Cavallar, etc • mathworld.wolfram.com/RelativelyPrime.html • www.mathnstuff.com/math/spoken/here/1words/m/m31.htm • www.cs.sjsu.edu/~stamp/SecurityEngineering/chapter5/knapsack.html

More Related