Public Keys

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7417)


Abstract

We performed a sanity check of public keys collected on the web and found that the vast majority works as intended. Our main goal was to test the validity of the assumption that different random choices are made each time keys are generated. We found that this is not always the case, resulting in public keys that offer no security. Our conclusion is that generating secure public keys in the real world is challenging. We did not study usage of public keys.
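As an added example (not code from the paper), the shared-factor sanity check the abstract alludes to, run over a constructed set of toy RSA moduli: when two generators repeat the same "random" prime, a gcd between the moduli recovers it and both keys are factored. The function name `find_shared_factors`, the key names and the toy primes are assumptions; the gcd-of-products step is the simple form of the batch check.

```python
# Added example, not code from the paper: the shared-factor sanity check that
# exposes RSA keys whose generator repeated a "random" prime choice.
from functools import reduce
from math import gcd
from operator import mul

# Constructed toy primes, far too small for real keys; chosen to keep the demo readable.
P1, P2, P3, P4, P5, P6, P7 = 1000003, 1000033, 1000037, 1000039, 1000081, 1000099, 1000117

# Constructed moduli: key_A and key_C share P1; key_E is an unchanged repeat of key_B.
MODULI = {
    "key_A": P1 * P2,
    "key_B": P3 * P4,
    "key_C": P1 * P5,
    "key_D": P6 * P7,
    "key_E": P3 * P4,
}


def find_shared_factors(moduli):
    """Return {name: (p, q)} for every modulus that shares a prime with another
    modulus, or {name: "duplicate modulus"} when the whole modulus recurs unchanged.

    gcd(N_i, product of all other N_j) is the product of every prime N_i shares
    with the rest of the set; a key built from fresh primes yields 1 and passes.
    """
    names = list(moduli)
    total = reduce(mul, moduli.values(), 1)
    findings = {}
    for name in names:
        n = moduli[name]
        g = gcd(n, total // n)
        if g == 1:
            continue  # no prime in common with any other key: passes the check
        if g == n:
            # both primes recur elsewhere (or n itself is duplicated): fall back to
            # pairwise gcds to look for a proper factor
            g = next((h for h in (gcd(n, moduli[o]) for o in names if o != name)
                      if 1 < h < n), n)
        findings[name] = "duplicate modulus" if g == n else tuple(sorted((g, n // g)))
    return findings


if __name__ == "__main__":
    for key, finding in find_shared_factors(MODULI).items():
        print(key, finding)
```

A key that appears in the result is fully broken: its private exponent follows directly from the recovered factors, which is what "no security" means in the abstract.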



Author information

Authors and Affiliations

  1. EPFL IC LACAL, Station 14, CH-1015, Lausanne, Switzerland

    Arjen K. Lenstra, Maxime Augier, Joppe W. Bos, Thorsten Kleinjung & Christophe Wachter

  2. Self, Palo Alto, CA, USA

    James P. Hughes


Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Calgary, 2500 University Drive NW, T2N 1N4, Calgary, AB, Canada

    Reihaneh Safavi-Naini

  2. Department of Computer Science, University of Boston, 111 Cummington Street, 02215, Boston, MA, USA

    Ran Canetti


Copyright information

© 2012 International Association for Cryptologic Research

About this paper

Cite this paper

Lenstra, A.K., Hughes, J.P., Augier, M., Bos, J.W., Kleinjung, T., Wachter, C. (2012). Public Keys. In: Safavi-Naini, R., Canetti, R. (eds) Advances in Cryptology – CRYPTO 2012. CRYPTO 2012. Lecture Notes in Computer Science, vol 7417. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32009-5_37
