Citation
Abd Ghafar, Amir Hamzah (2020) New compendium of RSA vulnerabilities. Doctoral thesis, Universiti Putra Malaysia.
Abstract
The RSA cryptosystem is the most widely deployed public-key encryption scheme in
the digital world. It relies on a hard mathematical problem known as the integer
factorization problem (IFP) to keep digital data confidential in transit or at rest.
Cryptanalysis of RSA and its variants is vital for pointing out weaknesses in the
cryptosystem. It also serves as a reference point for keeping the security of the
cryptosystem beyond doubt. Most cryptanalysis of RSA, commonly called ‘attacks’,
focuses on solving the IFP in feasible time. It is based on strategies that exploit
the mathematical structure or the implementation workflow of the scheme, in the hope
that they can be emulated by a real-world adversary.
This thesis compiles five new attacks against the RSA cryptosystem. In the first
attack, the RSA primes p and q are such that p-1 and q-1 do not have small prime
factors. This result extends Pollard’s attack. The second attack focuses on RSA
primes with the structure p = am + rp and q = bm + rq, where a, b are very large
integers, rp, rq are small integers and m is the power of 2. The attack also takes
into consideration the case where rp and rq are the least significant bits of p and q.
In the third attack, the adversary is assumed to be able to retrieve some of the most
significant bits of the RSA private exponent d of a standard RSA scheme. The fourth
attack uses strategies similar to those of the third attack, with one exception: it is
conducted on an RSA variant known as Chinese Remainder Theorem-RSA. Both the third and
fourth attacks outline new weaknesses within the RSA public parameters that lead to
the factorization of N. We also provide an estimate of the number of possible occurrences.
In the final attack, the thesis explores how an adversary can break the security of RSA
by using digital certificates that are vulnerable due to their weak RSA key pairs, (N,e).
The attack is conducted on a single modified RSA key equation and also on a system of
modified RSA key equations.