1 research outputs found

    Simple backdoors to RSA key generation

    Get PDF
    We present extremely simple ways of embedding a backdoor in the key generation scheme of RSA. Three of our schemes generate two genuinely random primes pp and qq of a given size, to obtain their public product n=pqn=pq. However they generate private/public exponents pairs (d,e)(d,e) in such a way that appears very random while allowing the author of the scheme to easily factor nn given only the public information (n,e)(n,e). Our last scheme, similar to the PAP method of Young and Yung, but more secure, works for any public exponent ee such as 3,17,655373,17,65537 by revealing the factorization of nn in its own representation. This suggests that nobody should rely on RSA key generation schemes provided by a third party
    corecore