A Real Life Project in Cryptography: Assessment of RSA Keys

  • Riccardo AragonaEmail author
  • Francesco Gozzini
  • Massimiliano Sala
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 358)


We describe a project carried out by CryptoLabTN. In this project we provide a rigorous analysis of the RSA cryptographic keys employed in the Certification Authority (CA) to certify the keys exchange during some financial transactions. In particular, we consider the asymptotically fastest known factorization algorithm, that is, the General Number Field Sieve (GNFS). We estimate the computational effort required by an attacker to break the certification keys. Our estimate differs from a direct application of the asymptotic estimates,because in a real-life attack several factors have to be vetted.


  1. 1.
    Aoki K, Kida Y, Shimoyama T, Ueda H (2004) GNFS factoring statistics of RSA-100, 110,\(\ldots \),150. Technical report, IACR.
  2. 2.
    Buhler JP, Jr Lenstra HW, Pomerance C (1993) Factoring integers with the number field sieve. The development of the number field sieve, Lecture notes in mathematics, vol 1554. Springer, Berlin, pp 50–94Google Scholar
  3. 3.
    Bai S, Thomé E, Zimmermann P (2012) Factorisation of RSA-704 with CADO-NFS. Technical report, IACR.
  4. 4.
    Boneh D, Venkatesan R (1998) Breaking RSA may not be equivalent to factoring. In Proceedings of EUROCRYPT 98, LNCS, vol 1403. Springer, Berlin, pp. 59–71Google Scholar
  5. 5.
    Dongarra JJ (2013) Performance of various computers using standard linear equations software. Technical report, University of ManchesterGoogle Scholar
  6. 6.
    Danilov SA, Popovyan IA (2010) Factorization of RSA-180. Technical report, IACR.
  7. 7.
    Kleinjung T (2006) On polynomial selection for the general number field sieve. Math Comput 75(256):2037–2047zbMATHMathSciNetCrossRefGoogle Scholar
  8. 8.
    Kleinjung T et al. (2010) Factorization of a 768-bit RSA modulus. In Proceedings of CRYPTO 10, LNCS, vol 6223, Springer, pp. 333–350Google Scholar
  9. 9.
    Lenstra AK, Verheul ER (2001) Selecting cryptographic key sizes. J Cryptol 14(4):255–293zbMATHMathSciNetCrossRefGoogle Scholar
  10. 10.
    Moore GE (1965) Cramming more components onto integrated circuits. Electronics 38(8):114–117Google Scholar
  11. 11.
    Pomerance C (1985) The quadratic sieve factoring algorithm. Advances in cryptology, LNCS, vol 209, Springer, Berlin, pp 169–182Google Scholar
  12. 12.
    Pomerance C (1994) The number field sieve. In mathematics of computation 1943–1993: a half-century of computational mathematics. Proceedings of symposia applied mathematics, vol 48, pp. 465–480. American Mathematics SocietyGoogle Scholar
  13. 13.
    Pomerance C (1996) A tale of two sieves. Not Am Math Soc 43(12):1473–1485zbMATHMathSciNetGoogle Scholar
  14. 14.
    Pomerance C (1996) Multiplicative independence for random integers. Prog Math 139:703–712MathSciNetGoogle Scholar
  15. 15.
    Rivest RL, Shamir A, Adleman LM (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126zbMATHMathSciNetCrossRefGoogle Scholar
  16. 16.
    Top500 Supercomputer sites

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Riccardo Aragona
    • 1
    Email author
  • Francesco Gozzini
    • 1
  • Massimiliano Sala
    • 1
  1. 1.Department of MathematicsUniversity of TrentoPovo (Trento)Italy

Personalised recommendations