All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Biased RSA private keys: Origin attribution of GCD-factorable keys

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F20%3A00115914" target="_blank" >RIV/00216224:14330/20:00115914 - isvavai.cz</a>

  • Result on the web

    <a href="https://link.springer.com/chapter/10.1007%2F978-3-030-59013-0_25" target="_blank" >https://link.springer.com/chapter/10.1007%2F978-3-030-59013-0_25</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1007/978-3-030-59013-0_25" target="_blank" >10.1007/978-3-030-59013-0_25</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Biased RSA private keys: Origin attribution of GCD-factorable keys

  • Original language description

    In 2016, Švenda et al. (USENIX 2016, The Million-key Question) reported that the implementation choices in cryptographic libraries allow for qualified guessing about the origin of public RSA keys. We extend the technique to two new scenarios when not only public but also private keys are available for the origin attribution -- analysis of a source of GCD-factorable keys in IPv4-wide TLS scans and forensic investigation of an unknown source. We learn several representatives of the bias from the private keys to train a model on more than 150 million keys collected from 70 cryptographic libraries, hardware security modules and cryptographic smartcards. Our model not only doubles the number of distinguishable groups of libraries (compared to public keys from Švenda et al.) but also improves more than twice in accuracy w.r.t. random guessing when a single key is classified. For a forensic scenario where at least 10 keys from the same source are available, the correct origin library is correctly identified with average accuracy of 89% compared to 4% accuracy of a random guess. The technique was also used to identify libraries producing GCD-factorable TLS keys, showing that only three groups are the probable suspects.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

  • Continuities

    S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2020

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Computer Security – ESORICS 2020

  • ISBN

    9783030590123

  • ISSN

    0302-9743

  • e-ISSN

  • Number of pages

    20

  • Pages from-to

    505-524

  • Publisher name

    Springer

  • Place of publication

    Cham, Switzerland

  • Event location

    Cham, Switzerland

  • Event date

    Jan 1, 2020

  • Type of event by nationality

    CST - Celostátní akce

  • UT code for WoS article

Similar results(10)

The Million-Key Question – Investigating the Origins of RSA Public KeysMeasuring Popularity of Cryptographic Libraries in Internet-Wide ScansNew Solvability Conditions for Congruence $axequiv bpmod n$