1 / 12

Cryptographic Backdoors: Breaking the RSA

Cryptographic Backdoors: Breaking the RSA. Adhokshaj Mishra http://adhokshajmishraonline.in. Who am I?. A hobbyist C, C++, assembly programmer Independent Security Researcher with primary interest in cryptography, virology, crypto-virology, kleptography and mutation.

Download Presentation

Cryptographic Backdoors: Breaking the RSA

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Cryptographic Backdoors:Breaking the RSA AdhokshajMishra http://adhokshajmishraonline.in

  2. Who am I? • A hobbyist C, C++, assembly programmer • Independent Security Researcher with primary interest in cryptography, virology, crypto-virology, kleptography and mutation. • Facebook: AdhokshajMishra • Twitter: @adhokshajmishra • Blog: http://adhokshajmishraonline.in

  3. Topics To Be Covered • RSA Revisited • A Trivial RSA Backdoor • Significance of PRNG Based Backdoors • Backdoored PRNG for RSA • Why AES + CTR? • Proof of Correctness • Proof of Concept (DEMO)

  4. RSA Revisited • Prime numbers: p, q • N = p x q • Phi = (p-1) x (q-1) • e: 1 < e < Phi, gcd(e, Phi) = 1 • d: (d x e) mod Phi = 1 • Public Key: (N, e) • Private Key: (N, d)

  5. A Trivial RSA Backdoor • RSA requires two randomly chosen prime numbers. • Keep one of them fixed for all keys :D • GCD (N1, N2) = p  constant • Easily detectable and no forward secrecy

  6. Improving The Attack:PRNG Based Backdoor

  7. Why PRNG? • Sweet and safe spot for backdoors • Backdoors become very hard to detect • They don’t raise eyebrows when in use

  8. PRNG Backdoor • Each PRNG instance contains set of parameters unique to itself. • Seed is the only input that changes with time. • Only seed is relayed to the attacker.

  9. PRNG Backdoor Demystified

  10. Common Uses • PRNG is used in a lot of crypto algorithms. Backdoor the PRNG and all of them are screwed  • Air-force fighter jets and Navy ships use Zero Knowledge Proofs. ZKP itself works on PRNG  • PRNG backdoor can render SSL useless. Whole traffic can be recorded in plaintext, and even worse, it can be modified while in progress.

  11. GOT ANY QUESTIONS?

  12. THANK YOU

More Related