Assorted Attacks on the RSA Cryptographic Algorithm

This thesis concentrates on the vulnerabilities of the RSA Cryptographic Algorithm when it is not securely implemented. While it has been proven that a brute force attack on the algorithm is not practical there remain aspects of the algorithm that require proper use to prevent back-door attacks. The attacks performed in this thesis attempt to exploit both mathematical and inherent timing vulnerabilities of the algorithm. Furthermore, simple practices which prevent theses attacks are discussed. RSA Cryptographic Algorithm Developed by Ron Rivest, Adi Shamir, and Len Adleman in 1977 the RSA public-key cryptographic algorithm has since been widely used in a variety of computer security applications. The first step of the algorithm is to select two different prime numbers, p and q. Next we calculate the modulus (n = p x q) and secondary modulus (ф(n) = (p-1) x (q-1)). We then select an integer e, our public key, such that e is a positive number less than and relatively prime to ф(n). Finally, we take the inverse of e mod ф(n) to produce d, our private key.[1] All of the aforementioned steps are used in practice with very large numbers to ensure added security. The size of these numbers has increased over time in order to account for faster computer processor speeds. The current standard depends on the importance of the information being encrypted, but selection of the primes generally ranges from a 128-bit to 512-bit numbers. However, all of the RSA key generation steps have the potential to be performed on extremely large numbers as mathematical algorithms that run at speeds linear to the number of digits. Now that we have our public and private keys we are ready to encrypt our private data using the equation: