UPM Institutional Repository

New compendium of RSA vulnerabilities


Citation

Abd Ghafar, Amir Hamzah (2020) New compendium of RSA vulnerabilities. Doctoral thesis, Universiti Putra Malaysia.

Abstract

RSA cryptosystem is the most widely deployed public-key encryption scheme in the digital world. It utilizes a hard mathematical problem known as the integer factorization problem (IFP) to confide digital data in transit or at rest. Cryptanalysis against RSA and its variants is vital to point out the weaknesses in the cryptosystem. It also acts as reference points to maintain beyond doubt security aspects of the cryptosystem. Most cryptanalysis or commonly called ‘attacks’ upon RSA focuses on solving the IFP in feasible time. It is based on strategies exploiting the mathematical structures or the implementation workflows of the scheme in hope that it can be emulated by real-world adversary. This thesis compiles five new attacks against the RSA cryptosystem. In the first attack, the RSA primes, p and q do not have small primes factors for p-1 and q-1. This result extends the Pollard’s attack. The second attack focuses on RSA primes with the structure of p = am +rp and q = bm +rq where a,b are very large integers, rp, rq are small integers and m is the power of 2. The attack also takes into the consideration when rp and rq are the least significant bits of p and q. In the third attack, the adversary is assumed capable to retrieve some most significant bits of the RSA private exponent, d of a standard RSA scheme. The fourth attack runs the similar strategies used by the third attack with one exception, it is conducted on an RSA variant known as Chinese Remainder Theorem-RSA. Both third and fourth attacks outlines new weaknesses within RSA public parameters that lead to the factorization of N. We also provide an estimation on the number of possible occurrence. In the final attack, the thesis explores the possibility on how an adversary can break the security of RSA by using vulnerable digital certificates due to its weak RSA key pairs, (N,e). The attack is conducted on a single modified RSA key equation and also the system of modified RSA key equations.


Download File

[img] Text
IPM 2020 10 ir.pdf
Download (892kB)

Additional Metadata

Item Type: Thesis (Doctoral)
Subject: Cryptography
Subject: Data encryption (Computer science)
Subject: Computer networks - Security measures
Call Number: IPM 2020 10
Chairman Supervisor: Muhammad Rezal bin Kamel Ariffin, PhD
Divisions: Institute for Mathematical Research
Depositing User: Mas Norain Hashim
Date Deposited: 01 Jul 2021 06:46
Last Modified: 02 Dec 2021 06:31
URI: http://psasir.upm.edu.my/id/eprint/90077
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item