Wen PANG,Jun-sheng WU

DOI: https://doi.org/10.3969/j.issn.1671-654X.2006.02.035

2006-01-01

Abstract:RSA is the most widely used arithmetic in the field of digital signature at present.Giving a detailed account of the arith-principle and arithmetic process of RSA,analyzed the leak and defect on the aspect of security matter,and formulated a series suggestion on the safety concern of how to enhancing the parameter selective program and avoiding attacked solution.Finally,the developing tend of RSA is prospected.

XIE Qi,CHEN De-ren,YU Xiu-yuan

IF: 2.034

2010-01-01

Systems Engineering

Abstract:In 2009, Park, et al. proposed an efficient remote user authentication protocol. They claimed that their protocol was the first password and smart card based remote user authentication scheme which can resist the off-line password guessing attack, and had many advantages over existing solutions such as no password tables and timestamp, low communication and computational costs. However, this paper shows that their protocol cannot resist the forgery attack and off-line password guessing attack. To overcome the security weaknesses, two improved schemes based on either nonce or timestamp without affecting the merits of the Park, et al. scheme are proposed. Technical discussions are provided to show that the improved protocol is secure, efficient and practical.

Majid Mumtaz,Luo Ping

DOI: https://doi.org/10.1080/09720529.2018.1564201

2019-01-01

Journal of Discrete Mathematical Sciences and Cryptography

Abstract:RSA public key cryptosystem is the de-facto standard use in worldwide technologies as a strong encryption/decryption and digital signature scheme. RSA successfully defended forty years of attack since invention. In this study we survey, its past, present advancements and upcoming challenges that needs concrete analysis and as a counter measure against possible threats according to underlying algebraic structure. Past studies shows us some attacks on RSA by inspecting flaws on relax model using weak public/private keys, integer factorization problem, and some specific low parameter selection attacks. Such flaws can not hamper the security of RSA cryptosystem by at large, but can explore possible vulnerabilities for more deep understanding about underlying mathematics and improper parameter selection. We describe a brief survey of past findings and detail description about specific attacks. A comprehensive survey of known attacks on RSA cryptosystem shows us that a well implemented algorithm is unbreakable and it survived against a number of cryptanalytic attacks since last forty years.

Ding WANG,Ping WANG,Zeng-peng LI,Chun-guang MA

2015-01-01

Systems Engineering - Theory & Practice

Abstract:With identity authentication becoming an essential mechanism to ensure robust system security in information systems,RSA-based authentication protocols have been studied intensively for their great practicality.This paper points out that a recent RSA-based remote user two-factor authentication protocol proposed by Xie et al.cannot achieve the claimed security and reports its following flaws:(1) It is vulnerable to replay attack and key compromise impersonation attack;(2) It suffers from the problem of user privacy violation and poor repairability.As our main contribution,an improved scheme is put forward and formally proved secure under the RSA assumption in the random oracle model.As compared with other related schemes,our scheme is the first one that can achieve provable security while keeping the merit of high performance.Consequently,our scheme is more well-suited for mobile application scenarios where resource is severely constrained and security is particularly concerned.

XIE Jianquan,YANG Chunhua

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.16.044

2006-01-01

Abstract:RSA encryption algorithm is a popular unsymmetrical encryption with high secure character.There are some special requirements in the selection of the large prime number in order to prevent the decryption.An efficient method has been introduced,which can be used to select the large prime numbers,and the some reasons which cause lower security by selecting incorrect prime number have been proved.

HP Jiang,ZG Mao

DOI: https://doi.org/10.1109/icasic.2003.1277457

2003-01-01

Abstract:Power analysis attacks could be used to analyze the key information according to leakage information depending on the operation of cryptography algorithm and its hardware. They are highly effective with low cost. In this paper, an improved RSA algorithm against power analysis was proposed based on its basic theory. DPA attack for RSA specially, is discussed in details. In order to maximize the capability/cost, mask technique and removing intermediate value method are introduced into RSA system, which only cost more than 33.4% timing to realizing secure RSA algorithm, and its security was better greatly with a little cost, which would be meaningful for the security of a common crypto-system.

王玉柱,廖晓峰

DOI: https://doi.org/10.3969/j.issn.1002-137x.2008.07.029

2008-01-01

Computer Science

Abstract:Secure implementation of cryptosystems has become a new research direction.This paper deals with its motivation,task and goal and then,based on the fail-stop protocol,presents a methold of designing attack-tolerant scheme that active attacks cannot cause the release of secrets within the run of system.

REN Yuan-fang,LIU Zhi-jie,GAO Yu-ming

2013-01-01

Abstract:RSA algorithm can not only be used for data encryption,but also be used for digital signature,and detect the primes al gorithm,so it is one of the most influential public-key encryption algorithm,which can resist all known password-attacks.Its se curity depends on the difficulty of large prime factorization.This paper mainly introduces the principle of RSA encryption algo rithm,the encryption and decryption process,the presence of attacks,as well as the parameter selection.

WANG Ding,WANG Ping,LEI Ming

DOI: https://doi.org/10.3969/j.issn.0372-2112.2015.01.028

2015-01-01

Abstract:It remains an open problem to design a secure and efficient RSA-based password-authenticated key exchange (PAKE )protocol in the areas of cryptography .In 2011 ,Wei proposed the first provably secure gateway-oriented PAKE protocol us-ing RSA ,and claimed that the protocol is provably secure in the random oracle model based on the intractability of the integer fac-torization problem .However ,in this short paper ,we point out that an adversary can launch the separation attack on their protocol by exploiting the oracle service unwittingly provided by the server ,and a user’s password can thus be guessed just after tens of mali-cious sessions .Our cryptanalysis result invalidates Wei’s claim that their protocol can achieve the security goal of password protec-tion ,and highlights the damaging threat that separation attack poses to RSA-based PAKE protocols .Furthermore ,we uncover the flaws in their formal security proof and put forward an enhancement to overcome the identified defect .The analysis results show that the improved protocol eliminates the vulnerability of Wei’s protocol while keeping the merit of high performance ,suitable for mo-bile application scenarios .

Li Zhu,Da-wu Gu,Chao Wang

DOI: https://doi.org/10.1007/s11741-008-0212-2

2008-01-01

Abstract:Based on the structure of the side channel attacks (SCAs) to RSA cryptosystem can resist the fault attack and combine with the randomization method for the message and secret exponent, a new implementation scheme of CRT-based (the Chinese remained theorem) RSA is proposed. The proposed scheme can prevent simple power analysis (SPA), differential power analysis (DPA) and time attack, and is compatible with the existing RSA-CRT cryptosystem as well. In addition, an improvement for resisting fault attack is proposed, which can reduce extra computation time.

Tianjie Cao,Dongdai Lim

DOI: https://doi.org/10.1109/lcomm.2006.1665131

IF: 3.5529

2006-01-01

IEEE Communications Letters

Abstract:In 2002, Zhu et al. proposed a password-based authenticated key exchange protocol based on RSA. Many researchers pointed out that Zhu et al.'s protocol is vulnerable to off-line dictionary attack. In 2003, Yeh et al. proposed an improved protocol. Recently, Lo and Yang-Wang pointed out that Yeh et al.'s improved protocol is also vulnerable to offline dictionary attack. To avoid this weakness existed in Yeh et al.'s protocol, Lo and Yang-Wang proposed two improved protocols. However, in this letter, we show that the Lo protocol is vulnerable to an active off-line dictionary attack and the Yang-Wang protocol is vulnerable to a passive off-line dictionary attack

Zhiyuan Liu,Xiaofei Wang,Guohua Cui,Jun Li

DOI: https://doi.org/10.13245/j.hust.2008.01.018

2008-01-01

Abstract:Technology of RSA (Ron Rivest, AdiShamir and Leonard Adleman) signcrypt was discussed. On the basis of universal padding from Coron's method, a new hybrid signcryption scheme using RSA was proposed. Assuming the intractability of RSA problem, the scheme was provably secure under the random oracle model. The simulation indicated that this scheme could signcrypt the message of any length and provide the non-repudiation in a simple manner, and its communication overload was only one RSA modular length. The scheme exceeds the traditional signature to encryption scheme in the bandwidth of message recovery.

Xu Rui,Jiang Huiping,Bao Sheng

DOI: https://doi.org/10.1109/cis.workshops.2007.229

2007-01-01

Abstract:Side channel information could be used to analysis the key information according to leakage information depending on the operation of cryptography algorithm and its hardware. And power analysis is the chief method In this paper, an improved architecture for RSA system against power analysis was proposed based on its basic theory. A DPA attack for RSA specially, is discussed in details, and the shadow technology was proposed based on it. In order to maximize the capability/cost, Shadow technique and removing intermediate value technique are introduced into RSA system, which only cost more than 30% timing to realizing secure RSA algorithm. Contemporary the effectiveness of advanced RSA cryptography system was illuminate briefly.

Yezhen Liang,Guoqiang Bai

DOI: https://doi.org/10.1109/ICCSNT.2013.6967249

2013-01-01

Abstract:RSA and its abbreviating mode, RSA-CRT are the representative members of the public key crypto system and have been widely applied. But they also suffer from various attacks such as fault attacks and simple power analysis. In this paper, the drawbacks and advantages of all the existing fault attacks and simple power analysis are concluded to be the base of the new proposal: a brand new FA-SPA resistant way to implement both of them. Mastering the character of Montgomery ladder, this proposal only requires a negligible overhead to perform the checking step with the absence of the public key e.

Zhen Cao,Zhi Guan,Zhong Chen,Jianbin Hu,Liyong Tang

DOI: https://doi.org/10.1007/978-3-540-72163-5_12

2007-01-01

Abstract:Denial of Service (DoS) attacks are a virulent type of attack on the availability of networks' intended services and resources. Defense against DoS attacks has been built into the cryptography protocols intended for authentication and establishment of communications. However the cryptography protocols have their own vulnerability to DoS. Consequently it is desirable to provide a methodology to evaluate the cryptography protocols' resistance to DoS attacks. In this paper, we propose an economical model for the risk evaluation of Denial of Service vulnerabilities in cryptographical protocols. By characterizing the intruder capability with a probability model, our risk evaluation model specifies the Value at Risk (VaR) for the cryptography protocols. The Value at Risk does the very job answering the question that how much computing resources are expected to lose with a given level of confidence. The proposed model can help the common users to have a better knowledge of the protocols they are using, and in the meantime help designers to examine their designs and get clues to improve them. We validate the applicability and effectiveness of our risk evaluation model by applying it to analyze two related protocols.

Chunguang Ma,Ding Wang,Sendong Zhao

DOI: https://doi.org/10.1002/dac.2468

2014-01-01

International Journal of Communication Systems

Abstract:Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. In this paper, we analyze two recent proposals in the area of password-based remote user authentication using smart cards. First, we point out that the scheme of Chen et al. cannot achieve all the claimed security goals and report its following flaws: (i) it is vulnerable to offline password guessing attack under their nontamper resistance assumption of the smart cards; and (ii) it fails to provide forward secrecy. Then, we analyze an efficient dynamic ID-based scheme without public-key operations introduced byWen and Li in 2012. This proposal attempts to overcome many of the well-known security and efficiency shortcomings of previous schemes and supports more functionalities than its counterparts. Nevertheless, Wen-Li's protocol is vulnerable to offline password guessing attack and denial of service attack, and fails to provide forward secrecy and to preserve user anonymity. Furthermore, with the security analysis of these two schemes and our previous protocol design experience, we put forward three general principles that are vital for designing secure smart-card-based password authentication schemes: (i) public-key techniques are indispensable to resist against offline password guessing attack and to preserve user anonymity under the nontamper resistance assumption of the smart card; (ii) there is an unavoidable trade-off when fulfilling the goals of local password update and resistance to smart card loss attack; and (iii) at least two exponentiation (respectively elliptic curve point multiplication) operations conducted on the server side are necessary for achieving forward secrecy. The cryptanalysis results discourage any practical use of the two investigated schemes and are important for security engineers to make their choices correctly, whereas the proposed three principles are valuable to protocol designers for advancing more robust schemes. Copyright (C) 2012 John Wiley & Sons, Ltd.

CHEN Cheng,ZHOU Yu-jie

DOI: https://doi.org/10.3969/j.issn.1009-2552.2005.10.031

2005-01-01

Abstract:RSA algorithm is one of the most important public-key cipher algorithms.This paper mainly discusses the basic theory of RSA cipher technology and its general implementation,with a focus on the security of RSA algorithm.

Shiji Song

2001-01-01

Abstract:With computer net wide application, net security is becoming a concerned problem of popular user. Based on the analysis of exponential secret key and its principle, this paper intends to discuss the RSA algorithm principle and its safety details. RSA's development, application as well as its variety case are also mentioned.

Ding Wang,Chunguang Ma,Sendong Zhao,ChangLi Zhou

DOI: https://doi.org/10.1007/978-3-642-35606-3_13

2012-01-01

Abstract:Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. Recently, Yeh et al. showed that Hsiang and Shih's password-based remote user authentication scheme is vulnerable to various attacks if the smart card is nontamper resistant, and proposed an improved version which was claimed to be efficient and secure. In this study, however, we find that, although Yeh et al.'s scheme possesses many attractive features, it still cannot achieve the claimed security goals, and we report its following flaws: (1) It cannot withstand offline password guessing attack and key-compromise impersonation attack under their non-tamper resistance assumption of the smart card; (2) It fails to provide user anonymity and forward secrecy; (3) It has some other minor defects. The proposed cryptanalysis discourages any use of the scheme under investigation in practice. Remarkably, rationales for the security analysis of password-based authentication schemes using smart cards are discussed in detail. © IFIP International Federation for Information Processing 2012.

XU Ci-wen

2008-01-01

Abstract:Based on the RSA digital signature,the paper proposed two kinds of modified schemes,which overcome the weakness of message lost when not pay attention.Because they are probabilistic digital signature schemes,they can secure for polynomial.