706 research outputs found
Notes on Small Private Key Attacks on Common Prime RSA
We point out critical deficiencies in lattice-based cryptanalysis of common
prime RSA presented in ``Remarks on the cryptanalysis of common prime RSA for
IoT constrained low power devices'' [Information Sciences, 538 (2020) 54--68].
To rectify these flaws, we carefully scrutinize the relevant parameters
involved in the analysis during solving a specific trivariate integer
polynomial equation. Additionally, we offer a synthesized attack illustration
of small private key attacks on common prime RSA.Comment: 15 pages, 1 figur
Cryptanalysis of Server-Aided RSA Protocols with Private-Key Splitting
International audienceWe analyze the security and the efficiency of interactive protocols where a client wants to delegate the computation of an RSA signature given a public key, a public message and the secret signing exponent. We consider several protocols where the secret exponent is splitted using some algebraic decomposition. We first provide an exhaustive analysis of the delegation protocols in which the client outsources a single RSA exponentiation to the server. We then revisit the security of the protocols RSA-S1 and RSA-S2 that were proposed by Matsumoto, Kato and Imai in 1988. We present an improved lattice-based attack on RSA-S1 and we propose a simple variant of this protocol that provides better efficiency for the same security level. Eventually, we present the first attacks on the protocol RSA-S2 that employs the Chinese Remainder Theorem to speed up the client's computation. The efficiency of our (heuristic) attacks has been validated experimentally
A polynomial time attack on RSA with private CRT-exponents smaller than
Wienerâs famous attack on RSA with d
Using quantum key distribution for cryptographic purposes: a survey
The appealing feature of quantum key distribution (QKD), from a cryptographic
viewpoint, is the ability to prove the information-theoretic security (ITS) of
the established keys. As a key establishment primitive, QKD however does not
provide a standalone security service in its own: the secret keys established
by QKD are in general then used by a subsequent cryptographic applications for
which the requirements, the context of use and the security properties can
vary. It is therefore important, in the perspective of integrating QKD in
security infrastructures, to analyze how QKD can be combined with other
cryptographic primitives. The purpose of this survey article, which is mostly
centered on European research results, is to contribute to such an analysis. We
first review and compare the properties of the existing key establishment
techniques, QKD being one of them. We then study more specifically two generic
scenarios related to the practical use of QKD in cryptographic infrastructures:
1) using QKD as a key renewal technique for a symmetric cipher over a
point-to-point link; 2) using QKD in a network containing many users with the
objective of offering any-to-any key establishment service. We discuss the
constraints as well as the potential interest of using QKD in these contexts.
We finally give an overview of challenges relative to the development of QKD
technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special
issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8
Energy Efficient Security Framework for Wireless Local Area Networks
Wireless networks are susceptible to network attacks due to their inherentvulnerabilities. The radio signal used in wireless transmission canarbitrarily propagate through walls and windows; thus a wireless networkperimeter is not exactly known. This leads them to be more vulnerable toattacks such as eavesdropping, message interception and modifications comparedto wired-line networks. Security services have been used as countermeasures toprevent such attacks, but they are used at the expense of resources that arescarce especially, where wireless devices have a very limited power budget.Hence, there is a need to provide security services that are energy efficient.In this dissertation, we propose an energy efficient security framework. Theframework aims at providing security services that take into account energyconsumption. We suggest three approaches to reduce the energy consumption ofsecurity protocols: replacement of standard security protocol primitives thatconsume high energy while maintaining the same security level, modification ofstandard security protocols appropriately, and a totally new design ofsecurity protocol where energy efficiency is the main focus. From ourobservation and study, we hypothesize that a higher level of energy savings isachievable if security services are provided in an adjustable manner. Wepropose an example tunable security or TuneSec system, which allows areasonably fine-grained security tuning to provide security services at thewireless link level in an adjustable manner.We apply the framework to several standard security protocols in wirelesslocal area networks and also evaluate their energy consumption performance.The first and second methods show improvements of up to 70% and 57% inenergy consumption compared to plain standard security protocols,respectively. The standard protocols can only offer fixed-level securityservices, and the methods applied do not change the security level. The thirdmethod shows further improvement compared to fixed-level security by reducing(about 6% to 40%) the energy consumed. This amount of energy saving can bevaried depending on the configuration and security requirements
Malicious cryptography techniques for unreversable (malicious or not) binaries
Fighting against computer malware require a mandatory step of reverse
engineering. As soon as the code has been disassemblied/decompiled (including a
dynamic analysis step), there is a hope to understand what the malware actually
does and to implement a detection mean. This also applies to protection of
software whenever one wishes to analyze them. In this paper, we show how to
amour code in such a way that reserse engineering techniques (static and
dymanic) are absolutely impossible by combining malicious cryptography
techniques developped in our laboratory and new types of programming (k-ary
codes). Suitable encryption algorithms combined with new cryptanalytic
approaches to ease the protection of (malicious or not) binaries, enable to
provide both total code armouring and large scale polymorphic features at the
same time. A simple 400 Kb of executable code enables to produce a binary code
and around mutated forms natively while going far beyond the old
concept of decryptor.Comment: 17 pages, 2 figures, accepted for presentation at H2HC'1
Note on Integer Factoring Methods IV
This note continues the theoretical development of deterministic integer
factorization algorithms based on systems of polynomials equations. The main
result establishes a new deterministic time complexity bench mark in integer
factorization.Comment: 20 Pages, New Versio
- âŠ