A New RSA Variant Based on Elliptic Curves
We propose a new scheme based on ephemeral elliptic curves over the ring where is an RSA modulus with , , . The new scheme is a variant of both the RSA and the KMOV cryptosystems and can be used for both signature and encryption. We study the security of the new scheme and show that it is immune against factorization attacks, discrete logarithm problem attacks, sum of two squares attacks, sum of four squares attacks, isomorphism attacks, and homomorphism attacks. Moreover, we show that the private exponents can be much smaller than the ordinary exponents for RSA and KMOV, which makes the decryption phase in the new scheme more efficient.
Algorithms and cryptographic protocols using elliptic curves
The relevance of elliptic curve cryptography has grown in recent years, and today it forms part of many industrial standards. Although elliptic curve variants of classical cryptosystems such as RSA exist, the full potential of elliptic curve cryptography is displayed in cryptosystems based on the Discrete Logarithm Problem, such as ElGamal. For these, elliptic curve cryptosystems guarantee the same security levels as their analogues over the multiplicative group of a prime finite field, with the additional advantage of significantly smaller key sizes.
In this report we show the positive properties of elliptic curve cryptosystems, and the requirements a curve must meet to be cryptographically useful, which are closely related to its number of points. We survey methods to discard cryptographically uninteresting curves as well as methods to obtain useful curves from a given one. We then describe some real-world applications, such as Smart Cards and RFID systems, and conclude with a snapshot of recent developments in the field.
Constructing an attack based on the structure of the prime factors against RSA-like cryptosystems with a composite modulus
The thesis contains 56 pages and 63 sources.
The purpose of this work is to analyse the security of RSA-like cryptosystems with a composite modulus against an attack that uses partial knowledge of the modulus's prime factors.
The object of study is information processes in cryptographic protection systems.
The subject of study is the resistance of RSA-like cryptosystems with a composite modulus to an attack that uses specially structured primes and their least significant bits.
The thesis reviews the RSA cryptosystem and its modifications, and considers existing attacks on RSA and on RSA-like cryptosystems.
The result of the work is an improvement of an existing attack on the RSA cryptosystem. The PP-RSA and GPP-RSA cryptosystems, which are modifications of RSA, are investigated. An attack using specially structured primes is constructed against PP-RSA and its complexity is estimated; an attack using specially structured primes is likewise constructed against GPP-RSA and its complexity is estimated. An estimate of the number of specially structured primes used in the proposed attacks is also computed.
Automotive firmware extraction and analysis techniques
An intricate network of embedded devices, called Electronic Control Units (ECUs), is responsible for the functionality of a modern vehicle. Every module processes a myriad of information and forwards it on to other nodes on the network, typically an automotive bus such as the Controller Area Network (CAN). Analysing embedded device software, and automotive in particular, brings many challenges.
The analyst must, especially in the notoriously secretive automotive industry, first lift the ECU firmware from the hardware, which typically prevents unauthorised access. In this thesis, we address this problem in two ways:
- We detail and bypass the access control mechanism used in diagnostic protocols in ECU firmware. Using existing diagnostic functionality, we present a generic technique to download code to RAM and execute it, without requiring physical access to the ECU. We propose a generic firmware readout framework on top of this, which only requires access to the CAN bus.
- We analyse various embedded bootloaders and combine dynamic analysis with low-level hardware fault attacks, resulting in several fault-injection attacks which bypass on-chip readout protection.
We then apply these firmware extraction techniques to acquire immobiliser firmware from two different manufacturers, from which we reverse engineer the DST80 cipher and present it in full detail here. Furthermore, we point out flaws in the key generation procedure, also recovered from the ECU firmware, leading to a full key recovery based on publicly readable transponder pages.
Improved Cryptanalysis of the KMOV Elliptic Curve Cryptosystem
This paper presents two new improved attacks on the KMOV cryptosystem. KMOV is an encryption algorithm based on elliptic curves over the ring ZN, where N = pq is a product of two large primes of equal bit size. The first attack uses the properties of the convergents of the continued fraction expansion of a specific value derived from the KMOV public key. The second attack is based on Coppersmith's method for finding small solutions of a multivariate polynomial modular equation. Both attacks improve the existing attacks on the KMOV cryptosystem.