JANOVSKÝ, Adam, Matúš NEMEC, Petr ŠVENDA, Peter SEKAN and Václav MATYÁŠ. Biased RSA private keys: Origin attribution of GCD-factorable keys. In Liqun Chen and Ninghui Li and Kaitai Liang and Steve Schneider. Computer Security – ESORICS 2020. Cham, Switzerland: Springer, 2020, p. 505-524. ISBN 978-3-030-59012-3. Available from: https://dx.doi.org/10.1007/978-3-030-59013-0_25.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name Biased RSA private keys: Origin attribution of GCD-factorable keys
Name in Czech neuniformní privátní RSA klíče: Určování původu klíčů faktorizovatelných algoritmem GCD
Authors JANOVSKÝ, Adam (203 Czech Republic, guarantor, belonging to the institution), Matúš NEMEC (703 Slovakia), Petr ŠVENDA (203 Czech Republic, belonging to the institution), Peter SEKAN (703 Slovakia) and Václav MATYÁŠ (203 Czech Republic, belonging to the institution).
Edition Cham, Switzerland, Computer Security – ESORICS 2020, p. 505-524, 20 pp. 2020.
Publisher Springer
Other information
Original language English
Type of outcome Proceedings paper
Field of Study 10201 Computer sciences, information science, bioinformatics
Country of publisher Switzerland
Confidentiality degree is not subject to a state or trade secret
Publication form printed version "print"
WWW URL
Impact factor Impact factor: 0.402 in 2005
RIV identification code RIV/00216224:14330/20:00115914
Organization unit Faculty of Informatics
ISBN 978-3-030-59012-3
ISSN 0302-9743
Doi http://dx.doi.org/10.1007/978-3-030-59013-0_25
Keywords in English Cryptographic library; RSA factorization; Measurement; RSA key classification; Statistical model
Tags core_A, firank_A
Tags International impact, Reviewed
Changed by Changed by: prof. RNDr. Václav Matyáš, M.Sc., Ph.D., učo 344. Changed: 5/1/2023 14:25.
Abstract
In 2016, Švenda et al. (USENIX 2016, The Million-key Question) reported that the implementation choices in cryptographic libraries allow for qualified guessing about the origin of public RSA keys. We extend the technique to two new scenarios when not only public but also private keys are available for the origin attribution -- analysis of a source of GCD-factorable keys in IPv4-wide TLS scans and forensic investigation of an unknown source. We learn several representatives of the bias from the private keys to train a model on more than 150 million keys collected from 70 cryptographic libraries, hardware security modules and cryptographic smartcards. Our model not only doubles the number of distinguishable groups of libraries (compared to public keys from Švenda et al.) but also improves more than twice in accuracy w.r.t. random guessing when a single key is classified. For a forensic scenario where at least 10 keys from the same source are available, the correct origin library is correctly identified with average accuracy of 89\% compared to 4\% accuracy of a random guess. The technique was also used to identify libraries producing GCD-factorable TLS keys, showing that only three groups are the probable suspects.
Links
GA20-03426S, research and development projectName: Ověření a zlepšení bezpečnosti kryptografie eliptických křivek
Investor: Czech Science Foundation
MUNI/A/1076/2019, interní kód MUName: Zapojení studentů Fakulty informatiky do mezinárodní vědecké komunity 20 (Acronym: SKOMU)
Investor: Masaryk University, Category A
PrintDisplayed: 26/4/2024 20:08