Unformatted text preview: PS-year)
’01: 15 = 3 * 5 (4 bits; IBM quantum computer!)
Dec 2003: 576-bit cracked
Nov. 2005: 640-bit cracked
See http://www.rsasecurity.com/rsalabs/node.asp?id=2093 for
the remaining bounty !!
the Recommended Key Sizes for RSA Old Standard: Individual users: 512 bits (155 decimal digits) New Standard: Individual users: 768 bits (231 decimal digits) Organizations (short term): 1024-bits (308 decimal digits) Organizations (long term): 2048-bits (616 decimal digits) Ref: No. of operations required to crack 512-bit RSA with best
known attack = 1/50 * NDES
where NDES is the no. of operations required to crack 56-bit DES by
brute-force Implementation Aspects of RSA How to find the big primes p and q ? Generate random numbers and test for their primality using
known testing algorithms
known How many times (numbers) one need to try before finding a
prime no. ? For a randomly chosen no. N, the probability of it being
prime ~= 1/ ln N ; => need to try ln N times on average
prime For a 100-digit number, one 1 in 230 chance.
e can be fixed to some constant value without decreasing security ;
e is commonly set to 3 or 65537 = 216+1 in practice to speed up
+1 encryption: m e mod n ; one can compute m 65537 quickly as well
Once e is fixed, d can be found using the Euclid’s Algorithm
fixed can Breaking News: (Feb 15, 2012): Implementation Flaws in RSA
random key generations
http://www.nytimes.com/2012/02/15/technology/researchers-find-flaw-in- Some arcane Attacks on RSA Guessing plaintext attack: if the attackers know the candidate set of plaintexts to
be sent (with exact wordings), the attacker can encrypt each of the possible
choice using the recipient’s public key and compare them to the actual ciphertext
Chosen ciphertext attack: don’t sign arbitrary messages sent by others because
signing is equivale...
View Full Document
This note was uploaded on 12/05/2013 for the course IERG 4130 taught by Professor Chowsze-ming,sherman during the Fall '13 term at CUHK.
- Fall '13