A Practical Guide to Cryptography Principles and Security Practices Employ cryptography in real-world security situations using the hands-on information contained in this book.
InfoSec expert Chuck Easttom lays out essential math skills and fully explains how to implement cryptographic algorithms in today's data protection landscape. Modern Cryptography: Applied Mathematics for Encryption and Information Security covers cryptanalysis, steganography, and cryptographic backdoors. Help Centre. My Wishlist Sign In Join.
Be the first to write a review. Add to Wishlist. Ships in 7 to 10 business days. Link Either by signing into your account or linking your membership details before your order is placed. Description Table of Contents Product Details Click on the cover image above to read some pages of this book! In Stock.
Outlook For Dummies Outlook for Dummies. Rabah gave a scathing review of many widely used cryptographic algorithms, including RSA. He argued that these methods have exceeded their useful lifespan and replacements such as Elliptic Curve should be considered. The author provided a critical view of current cryptography modalities. He posited that traditional algorithms are actually now inadequate for modern cryptography needs, and that is it necessary to consider stronger encryption methodologies: Over the last three decades the traditional cryptosystems like DES, DLP, RSA, DSA, etc.
Today, these traditional crypto-algorithms which where once considered effective have become impractical in light of recent technological development of constrained environment devices p Rabah posits that current algorithms are no longer adequate. But Rabah does not specifically address RSA.
Heninger and Shacham found that RSA implementations that utilized a smaller modulus were susceptible to cryptanalysis attacks. In their study, they considered RSA implementations that utilized a small exponent in the algorithm. A smaller modulus is sometimes used to increase the efficiency of the RSA algorithm. However, the size of the modulus value also could be used to reduce the set of possible factors, and thus decrease the time required to factor the public key.
So, a cryptanalysis already has the public key and thus has e and n. And the n is relatively small, making it possible, with extensive computing power and time, to derive the private key. The authors of this study clearly showed that it is possible to derive the private RSA key, which would render that particular RSA encryption implementation useless. In their methodology Heninger and Shacham formulated a series of linear equations that would progressively approximate the RSA private key.
The approximations were based approximations of factoring the public key. The authors of this study also applied modular arithmetic, a subset of number theory, to analyzing weaknesses in RSA. Many implementations of RSA use a shorter modulus operator in order to make the algorithm execute more quickly. Like Heninger and Shacham , Zhao and Qi showed that, based on the mathematical relationships between the elements of the RSA algorithm, that increases in efficiency resulting from a smaller modulus, will also render a decrease in the efficacy of that RSA implementation.
In their study, Zhao and Qi utilized a lattice matrix attack on the RSA implementation in order to attempt to factor the public key and derive the private key. The specifics of this mathematical methodology are not relevant to this paper. What is significant is that the researchers used a different approach than Heninger and Shacham and achieved the same results on RSA applications using a small modulus.
Aciicmez and Schindler wanted to understand if there were flaws in the implementation that would allow an unintended third party to break the SSL implementation. The authors explained how a particular type of crypto-analysis can be used to break this particular specific implementation of RSA. It is important to note that this analysis was dependent upon essential elements of number theory. This ultimately led to a method for factoring the public key, thus yielding the private key used in that RSA implementation. It is important to derive some additional information about the implementation of RSA in order to attempt a more practical approach to factoring.
By utilizing number theory, specifically in respect to the functionality of modular arithmetic, the researchers were able to significantly decrease the time required for factoring the public key. The study clearly shows a problem with some implementations of RSA. These studies mentioned are simply a sample of known attack vectors against RSA.
Many of these attacks depend on a small modulus. It is also true that increases in computing power will make these attacks, as well as brute force attempts to crack RSA, even more practical. So far the cryptography community has reacted by simply using ever larger key sizes for RSA. It seems likely that an entirely new asymmetric algorithm may be needed.
But in the meantime, when you implement RSA make sure you not only use a large key size, but be wary of using too small a modulus value. However, there is a growing body of evidence that RSA is no longer the best choice for modern asymmetric applications. There exist other options, such as Elliptic Curve Cryptography.
However, there are indications that Elliptic Curve Cryptography may have issues of its own Mimoso, In the immediate future, the answer is to use larger RSA keys with more carefully chosen modulus operators. However, the long-term solution is to find a more robust cryptographic algorithm. Aciicmez, O. Schindler, W. Blind electronic commerce.
Journal of Computer Security, 14 6. Alekseychuck, A.
Cryptographic parameters of s-boxes that characterize the security of GOST-like block ciphers against linear and differential cryptanalysis. Zakhist Inform, 2, Chen, C. A new and extended fault analysis on RSA. Constantinescu, N.
Elliptic curves cryptosystems for ecommerce applications. Proceedings of the 11th WSEAS international conference on mathematics and computers in business and economics, Easttom, C. Heninger, N. Reconstructing RSA private keys from random key bit. Hinek, M.
Common modulus attacks on small private exponent RSA and some fast variants in practice. Journal of Mathematical Cryptology, 4 1.
Cryptanalysis of RSA and its variants. England: Chapman and Hall. Kleinjung, K.
Osvik, D. Lecture Notes in Computer Science, , Ling, Y. RSA-based secure electronic cash payment system. Industrial Engineering and Engineering Management, Mao, W. Modern cryptography: Theory and practice.
Mimoso, M. Rabah, K. Elliptic curve cryptography over binary finite field gf. Information Technology Journal, 5 1 Rizvi1, S. Cryptography and mathematics.