
Cryptography


3 replies to this topic

#1 Crazy Cat


Posted 19 July 2015 - 10:05 PM

CryptoParty. https://cryptoparty.org
Download the Handbook. https://www.cryptoparty.in/documentation/handbook

Problem 24.1. In this problem, we investigate a failure in RSA system. Page 67 of Cryptography Exercises.pdf

Cryptography Exercises.pdf at http://wikisend.com/download/148932/Cryptography Exercises.pdf

File ID: 148932
File size: 314.3 KB
Time to live: 7 days
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 


 


#2 adamforum


Posted 20 July 2015 - 12:47 AM

I like to refer to these types of scenarios as "academic RSA" -- there are various weaknesses that one can introduce if they are foolish with mathematics (this is the primary reason people are advised to use trusted crypto implementations and not roll their own.)  In practice, standardized semantics (e.g. PKCS-x) are used to eliminate these potential weaknesses (entropy padding, etc.)  Note that in this example A and B are both using the same modulus, n, (never a good idea) -- which means they both have the ability to easily calculate the other's private key.  Regardless, when proper padding semantics are used (as is the case for Microsoft's Crypto API, OpenSSL, and any other serious crypto library), Oscar's approach for decrypting the message would fail.  Users A and B would still have an attack vector on each other because they are using the same modulus.  Each user needs his/her own unique modulus (n) to maintain security.

 

AF


Edited by adamforum, 20 July 2015 - 12:50 AM.


#3 Crazy Cat


Posted 21 July 2015 - 11:55 PM

I like to refer to these types of scenarios as "academic RSA" -- there are various weaknesses that one can introduce if they are foolish with mathematics (this is the primary reason people are advised to use trusted crypto implementations and not roll their own.)  In practice, standardized semantics (e.g. PKCS-x) are used to eliminate these potential weaknesses (entropy padding, etc.)  Note that in this example A and B are both using the same modulus, n, (never a good idea) -- which means they both have the ability to easily calculate the other's private key.  Regardless, when proper padding semantics are used (as is the case for Microsoft's Crypto API, OpenSSL, and any other serious crypto library), Oscar's approach for decrypting the message would fail.  Users A and B would still have an attack vector on each other because they are using the same modulus.  Each user needs his/her own unique modulus (n) to maintain security.
 
AF

Yes, while this was a scenario of an "academic RSA" attack, there are also padding attacks and RNG attacks.

RSA. https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf

Padding.
https://en.wikipedia.org/wiki/RSA_%28algorithm%29#Padding
https://en.wikipedia.org/wiki/Padding_(cryptography)


Importance of strong random number generation. https://en.wikipedia.org/wiki/RSA_%28algorithm%29#Importance_of_strong_random_number_generation

A cryptographically strong random number generator, which has been properly seeded with adequate entropy, must be used to generate the primes p and q. An analysis comparing millions of public keys gathered from the Internet was carried out in early 2012 by Arjen K. Lenstra, James P. Hughes, Maxime Augier, Joppe W. Bos, Thorsten Kleinjung and Christophe Wachter. They were able to factor 0.2% of the keys using only Euclid's algorithm.[21][22]

Padding Attacks.
https://www.iacr.org/archive/eurocrypt2002/23320530/cbc02_e02d.pdf
https://www.usenix.org/legacy/events/woot10/tech/full_papers/Rizzo.pdf
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.63.3870&rep=rep1&type=pdf
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.
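An added example, not part of any post in this thread: a key-inventory audit that flags the two conditions discussed above, different users sharing one modulus n, and distinct moduli that share a prime factor (detectable with Euclid's algorithm alone). The owners, moduli and exponents are constructed toy values, and the function names are hypothetical.

```python
from itertools import combinations
from math import gcd

# Constructed toy inventory of (owner, n, e). Real moduli are 2048+ bits;
# these small values are for illustration only.
KEYS = [
    ("A", 3233, 17),  # 61 * 53
    ("B", 3233, 7),   # same modulus as A, different exponent
    ("C", 4087, 7),   # 61 * 67: shares the prime 61 with A and B
    ("D", 8633, 5),   # 89 * 97: unrelated
]

def audit(keys):
    """Return findings for every pair of keys held by different owners."""
    findings = []
    for (o1, n1, _), (o2, n2, _) in combinations(keys, 2):
        if o1 == o2:
            continue  # the same owner listing a key twice is not a finding
        if n1 == n2:
            # Per the thread: each holder can work out the other's private key.
            findings.append(("shared-modulus", o1, o2, n1))
        elif (g := gcd(n1, n2)) > 1:
            # A common prime factors both moduli with a single Euclid run.
            findings.append(("shared-prime", o1, o2, g))
    return findings

def owners_to_rekey(findings):
    """Owners whose key pair must be regenerated with a fresh modulus."""
    return sorted({o for _, o1, o2, _ in findings for o in (o1, o2)})

if __name__ == "__main__":
    results = audit(KEYS)
    for finding in results:
        print(finding)
    print("rekey:", owners_to_rekey(results))
```

Pairwise comparison is quadratic in the number of keys, which is fine for an internal inventory.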

 



#4 guidecca


Posted 23 July 2015 - 05:22 PM

Can a laptop encrypted by a corporation to protect their proprietary secrets, designed to be used from home or remotely, and probably using PGP, be infected by the CryptoLocker virus?


Edited by guidecca, 23 July 2015 - 05:23 PM.




