A Software Tool ASR for a posteriori Cryptanalysis on Public Keys Generated with ‘RSA’
Publication Type:Journal Article
Source:Information & Security: An International Journal, Volume 37 (2017)
Keywords:asymmetric cryptosystems, cryptanalysis, public keys, RSA, software tool
The asymmetric cryptosystem RSA is one of the first practical public-key cryptosystems, widely used for secure data transmission. The key generation of the RSA algorithm relies on specifically chosen numbers. Through the years, as the variety of attacks on RSA increased, plenty of recommendations and strategies for keys generation were published (ex. NIST.FIPS.186-4). Following the good practices, the regular users, companies or governments can bootstrap their own implementation of key generation software (a priori analysis). From the perspective of the other side of the communication channel, the key generation process itself, as well as the keys, is a form of ‘black box.’ Furthermore, most of the recommendations and good practices published online, do not reference the reasons/attacks, which can exploit the specific wrongly chosen parameter. An automatic a posteriori cryptanalysis tool will link each recommendation with an existing attack, giving the other side of the communication channel a tool to detect unsafe (including weakened by purpose) generated keys.