TY - JOUR KW - asymmetric cryptosystems KW - cryptanalysis KW - public keys KW - RSA KW - software tool AU - Tsonka Baicheva AU - Miroslav Dimitrov AB -
The asymmetric cryptosystem RSA is one of the first practical public-key cryptosystems, widely used for secure data transmission. The key generation of the RSA algorithm relies on specifically chosen numbers. Through the years, as the variety of attacks on RSA increased, plenty of recommendations and strategies for keys generation were published (ex. NIST.FIPS.186-4 [1]). Following the good practices, the regular users, companies or governments, can bootstrap their implementation of key generation software (a priori analysis). From the perspective of the other side of the communication channel, the key generation process and the keys themselves are a form of a "black box". Furthermore, most of the recommendations and good practices published online don’t reference the reasons/attacks, which can exploit the specific wrongly chosen parameter. An automatic a posteriori cryptanalysis tool will link each recommendation with an existing attack, giving the other side of the communication channel a tool to detect unsafely (including weakened by purpose) generated keys.
BT - Information & Security: An International Journal DO - https://doi.org/10.11610/isij.3702 LA - eng N2 -The asymmetric cryptosystem RSA is one of the first practical public-key cryptosystems, widely used for secure data transmission. The key generation of the RSA algorithm relies on specifically chosen numbers. Through the years, as the variety of attacks on RSA increased, plenty of recommendations and strategies for keys generation were published (ex. NIST.FIPS.186-4 [1]). Following the good practices, the regular users, companies or governments, can bootstrap their implementation of key generation software (a priori analysis). From the perspective of the other side of the communication channel, the key generation process and the keys themselves are a form of a "black box". Furthermore, most of the recommendations and good practices published online don’t reference the reasons/attacks, which can exploit the specific wrongly chosen parameter. An automatic a posteriori cryptanalysis tool will link each recommendation with an existing attack, giving the other side of the communication channel a tool to detect unsafely (including weakened by purpose) generated keys.
PY - 2017 SP - 29 EP - 34 T2 - Information & Security: An International Journal TI - A Software Tool ASR for a posteriori Cryptanalysis on Public Keys Generated with ‘RSA’ VL - 37 ER -