Biased RSA private keys: Origin attribution of GCD-factorable
keys

D 2020

Biased RSA private keys: Origin attribution of GCD-factorable keys

JANOVSKÝ, Adam, Matúš NEMEC, Petr ŠVENDA, Peter SEKAN, Václav MATYÁŠ et. al.

Basic information

Original name

Biased RSA private keys: Origin attribution of GCD-factorable keys

Name in Czech

neuniformní privátní RSA klíče: Určování původu klíčů faktorizovatelných algoritmem GCD

Authors

JANOVSKÝ, Adam (203 Czech Republic, guarantor, belonging to the institution), Matúš NEMEC (703 Slovakia), Petr ŠVENDA (203 Czech Republic, belonging to the institution), Peter SEKAN (703 Slovakia) and Václav MATYÁŠ (203 Czech Republic, belonging to the institution)

Edition

Cham, Switzerland, Computer Security – ESORICS 2020, p. 505-524, 20 pp. 2020

Publisher

Springer

Other information

Language

English

Type of outcome

Stať ve sborníku

Field of Study

10201 Computer sciences, information science, bioinformatics

Country of publisher

Switzerland

Confidentiality degree

není předmětem státního či obchodního tajemství

Publication form

printed version "print"

References:

URL

Impact factor

Impact factor: 0.402 in 2005

RIV identification code

RIV/00216224:14330/20:00115914

Organization unit

Faculty of Informatics

ISBN

978-3-030-59012-3

ISSN

DOI

http://dx.doi.org/10.1007/978-3-030-59013-0_25

Keywords in English

Cryptographic library; RSA factorization; Measurement; RSA key classification; Statistical model

Abstract

V originále

In 2016, Švenda et al. (USENIX 2016, The Million-key Question) reported that the implementation choices in cryptographic libraries allow for qualified guessing about the origin of public RSA keys. We extend the technique to two new scenarios when not only public but also private keys are available for the origin attribution -- analysis of a source of GCD-factorable keys in IPv4-wide TLS scans and forensic investigation of an unknown source. We learn several representatives of the bias from the private keys to train a model on more than 150 million keys collected from 70 cryptographic libraries, hardware security modules and cryptographic smartcards. Our model not only doubles the number of distinguishable groups of libraries (compared to public keys from Švenda et al.) but also improves more than twice in accuracy w.r.t. random guessing when a single key is classified. For a forensic scenario where at least 10 keys from the same source are available, the correct origin library is correctly identified with average accuracy of 89\% compared to 4\% accuracy of a random guess. The technique was also used to identify libraries producing GCD-factorable TLS keys, showing that only three groups are the probable suspects.

Links

GA20-03426S, research and development project

Name: Ověření a zlepšení bezpečnosti kryptografie eliptických křivek

Investor: Czech Science Foundation

MUNI/A/1076/2019, interní kód MU

Name: Zapojení studentů Fakulty informatiky do mezinárodní vědecké komunity 20 (Acronym: SKOMU)

Investor: Masaryk University, Category A

Citovat

JANOVSKÝ, Adam, Matúš NEMEC, Petr ŠVENDA, Peter SEKAN and Václav MATYÁŠ. Biased RSA private keys: Origin attribution of GCD-factorable keys. In Liqun Chen and Ninghui Li and Kaitai Liang and Steve Schneider. Computer Security – ESORICS 2020. Cham, Switzerland: Springer, 2020, p. 505-524. ISBN 978-3-030-59012-3. Available from: https://dx.doi.org/10.1007/978-3-030-59013-0_25.

@inproceedings{1669278,
   author = {Janovský, Adam and Nemec, Matúš and Švenda, Petr and Sekan, Peter and Matyáš, Václav},
   address = {Cham, Switzerland},
   booktitle = {Computer Security – ESORICS 2020},
   doi = {http://dx.doi.org/10.1007/978-3-030-59013-0_25},
   editor = {Liqun Chen and Ninghui Li and Kaitai Liang and Steve Schneider},
   keywords = {Cryptographic library; RSA factorization; Measurement; RSA key classification; Statistical model},
   howpublished = {tištěná verze "print"},
   language = {eng},
   location = {Cham, Switzerland},
   isbn = {978-3-030-59012-3},
   pages = {505-524},
   publisher = {Springer},
   title = {Biased RSA private keys: Origin attribution of GCD-factorable keys},
   url = {https://link.springer.com/chapter/10.1007%2F978-3-030-59013-0_25},
   year = {2020}
}

TY  - JOUR
ID  - 1669278
AU  - Janovský, Adam - Nemec, Matúš - Švenda, Petr - Sekan, Peter - Matyáš, Václav
PY  - 2020
TI  - Biased RSA private keys: Origin attribution of GCD-factorable keys
PB  - Springer
CY  - Cham, Switzerland
SN  - 9783030590123
KW  - Cryptographic library
KW  - RSA factorization
KW  - Measurement
KW  - RSA key classification
KW  - Statistical model
UR  - https://link.springer.com/chapter/10.1007%2F978-3-030-59013-0_25
L2  - https://link.springer.com/chapter/10.1007%2F978-3-030-59013-0_25
N2  - In 2016, Švenda et al. (USENIX 2016, The Million-key Question) reported that the implementation choices in cryptographic libraries allow for qualified guessing about the origin of public RSA keys. We extend the technique to two new scenarios when not only public but also private keys are available for the origin attribution -- analysis of a source of GCD-factorable keys in IPv4-wide TLS scans and forensic investigation of an unknown source. We learn several representatives of the bias from the private keys to train a model on more than 150 million keys collected from 70 cryptographic libraries, hardware security modules and cryptographic smartcards. Our model not only doubles the number of distinguishable groups of libraries (compared to public keys from Švenda et al.) but also improves more than twice in accuracy w.r.t. random guessing when a single key is classified. For a forensic scenario where at least 10 keys from the same source are available, the correct origin library is correctly identified with average accuracy of 89\% compared to 4\% accuracy of a random guess. The technique was also used to identify libraries producing GCD-factorable TLS keys, showing that only three groups are the probable suspects.
ER  -

JANOVSKÝ, Adam, Matúš NEMEC, Petr ŠVENDA, Peter SEKAN and Václav MATYÁŠ. Biased RSA private keys: Origin attribution of GCD-factorable keys. In Liqun Chen and Ninghui Li and Kaitai Liang and Steve Schneider. \textit{Computer Security – ESORICS 2020}. Cham, Switzerland: Springer, 2020, p.~505-524. ISBN~978-3-030-59012-3. Available from: https://dx.doi.org/10.1007/978-3-030-59013-0\_{}25.

Detailed Information on Publication Record