
Cryptography

3 replies to this topic

#1 Crazy Cat

Posted 19 July 2015 - 10:05 PM

CryptoParty. https://cryptoparty.org

Problem 24.1. In this problem, we investigate a failure in the RSA system. Page 67 of Cryptography Exercises.pdf


Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

#2 adamforum

Posted 20 July 2015 - 12:47 AM

I like to refer to these types of scenarios as "academic RSA" -- there are various weaknesses that one can introduce if they are foolish with mathematics (this is the primary reason people are advised to use trusted crypto implementations and not roll their own.)  In practice, standardized semantics (e.g. PKCS-x) are used to eliminate these potential weaknesses (entropy padding, etc.)  Note that in this example A and B are both using the same modulus, n, (never a good idea) -- which means they both have the ability to easily calculate the other's private key.  Regardless, when proper padding semantics are used (as is the case for Microsoft's Crypto API, OpenSSL, and any other serious crypto library), Oscar's approach for decrypting the message would fail.  Users A and B would still have an attack vector on each other because they are using the same modulus.  Each user needs his/her own unique modulus (n) to maintain security.

AF

Edited by adamforum, 20 July 2015 - 12:50 AM.
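The shared-modulus failure described in the post above, worked through as an added example (not from the original thread or the exercise sheet): Oscar's recovery of m from two ciphertexts of the same message under coprime exponents, user A factoring n from her own (e, d) and deriving B's private exponent, and a check that randomised padding (a toy stand-in for PKCS#1 padding, assumed here) leaves Oscar's computation with garbage. The Mersenne primes, exponents and plaintext are constructed for the demo; real keys use much larger random primes, but the algebra is the same.

```python
"""Common-modulus failure of textbook RSA: A and B share n, differ only in e.

Constructed example: toy Mersenne primes stand in for the 1024-bit+ random
primes a real key generator would produce. Requires Python 3.8+ (pow with a
negative exponent computes the modular inverse).
"""
import math
import secrets


def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def common_modulus_attack(n, e1, c1, e2, c2):
    """Oscar's attack: the same m was sent as c1 = m^e1 and c2 = m^e2 (mod n).

    With a*e1 + b*e2 = 1, c1^a * c2^b = m^(a*e1 + b*e2) = m (mod n). One of a, b
    is negative, so the corresponding ciphertext must be invertible mod n; if it
    is not, gcd(c, n) already factors n.
    """
    g, a, b = egcd(e1, e2)
    if g != 1:
        raise ValueError("public exponents must be coprime for this attack")
    return pow(c1, a, n) * pow(c2, b, n) % n


def factor_from_private_exponent(n, e, d):
    """What A can do to B: knowing her own (e, d) for the shared n, factor n.

    e*d - 1 is a multiple of the group order, so g^(e*d-1) == 1 (mod n) for any
    g coprime to n. Strip the factors of 2 and square step by step: with
    probability >= 1/2 per g this passes through a nontrivial square root of 1,
    and gcd(x - 1, n) is then one of the primes.
    """
    k, t = e * d - 1, 0
    while k % 2 == 0:
        k //= 2
        t += 1
    while True:
        g = secrets.randbelow(n - 3) + 2          # uniform in [2, n-2]
        x = pow(g, k, n)
        if x in (1, n - 1):
            continue                              # useless g, draw another
        for _ in range(t):
            y = pow(x, 2, n)
            if y == 1:
                p = math.gcd(x - 1, n)
                if 1 < p < n:
                    return p, n // p
                break                             # reached the trivial root -1; draw another g
            x = y


def demo():
    """Run both attacks on a constructed shared-modulus key pair and report what breaks."""
    p, q = (1 << 61) - 1, (1 << 89) - 1           # Mersenne primes (toy size, reproducible)
    n, phi = p * q, (p - 1) * (q - 1)
    e_a, e_b = 65537, 19                          # coprime to each other and to phi
    assert math.gcd(e_a, phi) == 1 and math.gcd(e_b, phi) == 1
    d_a, d_b = pow(e_a, -1, phi), pow(e_b, -1, phi)

    m = int.from_bytes(b"attack at dawn", "big")  # constructed plaintext, well below n
    c_a, c_b = pow(m, e_a, n), pow(m, e_b, n)     # textbook RSA: same m to A and to B

    # 1. Oscar, a pure eavesdropper, recovers m without any private key.
    oscar_gets_m = common_modulus_attack(n, e_a, c_a, e_b, c_b) == m

    # 2. A, using only her own key, factors n and derives B's private exponent.
    p2, q2 = factor_from_private_exponent(n, e_a, d_a)
    a_gets_d_b = pow(e_b, -1, (p2 - 1) * (q2 - 1)) == d_b

    # 3. Randomised padding (toy stand-in for PKCS#1: fresh random bits prepended)
    #    makes the two plaintexts differ, so c_a^a * c_b^b is no longer m.
    pad_a = (secrets.randbits(24) << 120) | m     # stays below n (~2^150)
    pad_b = (secrets.randbits(24) << 120) | m
    padded_attack_fails = common_modulus_attack(
        n, e_a, pow(pad_a, e_a, n), e_b, pow(pad_b, e_b, n)) != m

    return {"oscar_recovers_m": oscar_gets_m,
            "a_recovers_b_private_key": a_gets_d_b,
            "padding_defeats_oscar": padded_attack_fails}


if __name__ == "__main__":
    print(demo())
```

The padding check only shows why Oscar's algebra needs identical plaintexts; it says nothing about the strength of the toy padding itself, and A's attack on B (item 2) works regardless of padding, which is why every user needs a distinct modulus.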

#3 Crazy Cat
• Topic Starter

Posted 21 July 2015 - 11:55 PM

adamforum, on 20 July 2015 - 12:47 AM, said:
I like to refer to these types of scenarios as "academic RSA" [...] Each user needs his/her own unique modulus (n) to maintain security.
AF

Yes, while this was a scenario of an "academic RSA" attack, there are also padding attacks and RNG attacks.

RSA. https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf

Importance of strong random number generation. https://en.wikipedia.org/wiki/RSA_%28algorithm%29#Importance_of_strong_random_number_generation

A cryptographically strong random number generator, which has been properly seeded with adequate entropy, must be used to generate the primes p and q. An analysis comparing millions of public keys gathered from the Internet was carried out in early 2012 by Arjen K. Lenstra, James P. Hughes, Maxime Augier, Joppe W. Bos, Thorsten Kleinjung and Christophe Wachter. They were able to factor 0.2% of the keys using only Euclid's algorithm.

https://www.iacr.org/archive/eurocrypt2002/23320530/cbc02_e02d.pdf
https://www.usenix.org/legacy/events/woot10/tech/full_papers/Rizzo.pdf

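The shared-prime failure quoted in the post above, as an added example (not from the thread or the Lenstra et al. paper): when a weak RNG hands two key generations the same prime, gcd(n1, n2) is that prime and both keys fall. Checking every pair with Euclid costs O(N^2) gcds; the product/remainder tree below (Bernstein's batch GCD) gets gcd(n_i, product of all other moduli) in one pass, with a pairwise fallback for moduli whose primes both occur elsewhere. The primes and the corpus of moduli are constructed for the demo.

```python
"""Batch GCD over a corpus of RSA moduli to find keys that share a prime.

Constructed example with toy Mersenne primes; real audits run this over
millions of certificates' moduli.
"""
import math


def batch_gcd(moduli):
    """For each n_i return gcd(n_i, product of all the other moduli)."""
    levels = [list(moduli)]                      # product tree, leaves first
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([cur[i] * cur[i + 1] if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])
    rems = levels.pop()                          # [P], the product of everything
    while levels:                                # remainder tree: P mod x^2 down to the leaves
        cur = levels.pop()
        rems = [rems[i // 2] % (x * x) for i, x in enumerate(cur)]
    # P = n*Q, so (P mod n^2) // n == Q mod n, and gcd(n, Q mod n) == gcd(n, Q).
    return [math.gcd(n, r // n) for n, r in zip(moduli, rems)]


def audit_moduli(moduli):
    """Classify each modulus as 'ok', ('factored', p, q) or 'duplicate'."""
    report = []
    for i, (n, g) in enumerate(zip(moduli, batch_gcd(moduli))):
        if g == 1:
            report.append("ok")
        elif g < n:
            report.append(("factored", min(g, n // g), max(g, n // g)))
        else:
            # Both primes of n occur in other moduli, so the single gcd is n itself
            # and cannot split it: fall back to Euclid against each other modulus.
            p = None
            for m in moduli[:i] + moduli[i + 1:]:
                h = math.gcd(n, m)
                if 1 < h < n:
                    p = h
                    break
            if p is None:
                report.append("duplicate")       # only an identical modulus shares with n
            else:
                report.append(("factored", min(p, n // p), max(p, n // p)))
    return report


# Constructed corpus. Known Mersenne primes plus 2^255-19 play the role of the
# key generator's output; the "RNG" reused P[0], P[1], P[6] and emitted one
# duplicate key (MODULI[1] == MODULI[4]).
P = [(1 << 61) - 1, (1 << 89) - 1, (1 << 107) - 1, (1 << 127) - 1,
     (1 << 255) - 19, (1 << 521) - 1, (1 << 31) - 1, (1 << 19) - 1, (1 << 17) - 1]
MODULI = [P[0] * P[1], P[2] * P[3], P[1] * P[4], P[5] * P[6],
          P[2] * P[3], P[0] * P[6], P[7] * P[8]]


if __name__ == "__main__":
    for n, verdict in zip(MODULI, audit_moduli(MODULI)):
        print(f"{n.bit_length():4d}-bit modulus: {verdict}")
```

Only moduli that actually share a prime are broken this way; a key generated from a properly seeded CSPRNG shares nothing with the rest of the corpus and comes back "ok", which is what the Wikipedia passage's 0.2% figure is measuring against.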

#4 guidecca

Posted 23 July 2015 - 05:22 PM

Can a laptop encrypted by a corporation to protect their proprietary secrets, designed to be used from home or remotely (probably PGP), be infected by the CryptoLocker virus?

Edited by guidecca, 23 July 2015 - 05:23 PM.
