Abstract
In this paper, we present a parallel approach to common factor attack on RSA moduli obtained by mining TLS and SSH certificates from the Internet. Our work generalizes that of Heninger et al. (2012) for a resource constrained environment, where the memory may not be sufficient to create the product tree required for batch-wise GCD computation on the entire dataset. We propose a data-parallel routine to efficiently exploit the batch-wise GCD algorithm in a resource constrained setting, and mount the common factor attack on TLS and SSH certificates to obtain the set of vulnerable RSA moduli with reasonable accuracy.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
SSL Labs: Trustworthy internet movement - SSL pulse (2017). Accessed 4 Oct 2017
Pomerance, C.: A tale of two sieves. Not. Am. Math. Soc. 43, 1473–1485 (1996)
Heninger, N., Durumeric, Z., Wustrow, E., Halderman, J.A.: Mining your Ps and Qs: detection of widespread weak keys in network devices. In Kohno, T. (ed.) Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, 8–10 August 2012, pp. 205–220. USENIX Association (2012)
Lenstra, A.K., Hughes, J.P., Augier, M., Bos, J.W., Kleinjung, T., Wachter, C.: Ron was wrong, Whit is right. IACR Cryptology ePrint Archive 2012, 64 (2012)
Bernstein, D.J., Chang, Y.-A., Cheng, C.-M., Chou, L.-P., Heninger, N., Lange, T., van Someren, N.: Factoring RSA keys from certified smart cards: Coppersmith in the wild. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8270, pp. 341–360. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42045-0_18
Hastings, M., Fried, J., Heninger, N.: Weak keys remain widespread in network devices. In: Gill, P., Heidemann, J.S., Byers, J.W., Govindan, R. (eds.) Proceedings of the 2016 ACM on Internet Measurement Conference, IMC 2016, Santa Monica, CA, USA, 14–16 November 2016, pp. 49–63. ACM (2016)
Bernstein, D.J.: How to find smooth parts of integers (2004)
Censys Team, University of Michigan: Internet-wide scan data repository (2016). Accessed 15 Oct 2016
Acknowledgement
The authors would like to thank the anonymous reviewers of ICISS 2017 for their constructive criticism, remarks and suggestions, which helped in substantially improving the technical and editorial quality of the paper.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Kumar, V., Roy, A., Sengupta, S., Sen Gupta, S. (2017). Parallelized Common Factor Attack on RSA. In: Shyamasundar, R., Singh, V., Vaidya, J. (eds) Information Systems Security. ICISS 2017. Lecture Notes in Computer Science(), vol 10717. Springer, Cham. https://doi.org/10.1007/978-3-319-72598-7_18
Download citation
DOI: https://doi.org/10.1007/978-3-319-72598-7_18
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72597-0
Online ISBN: 978-3-319-72598-7
eBook Packages: Computer ScienceComputer Science (R0)