To Break or not to break

advertisement
A review of RSA encryption.
By: John Imboden



RSA encryption is a form of public key
encryption used in our everyday lives
developed by three men named Rivest, Shamir,
and Adleman.
It's uses include online transactions as well as
corporate data security.
The most common method of breaking RSA
Encryption is by factoring the private key.


The security provided by RSA encryption is
based on the idea that it is very simple to
multiply two numbers together but it is much
more difficult to factor a single large number.
In order for a computer to factor a number it
basically does it by trying most of the possible
combinations of factors to produce the desired
result.


RSA encryption using small numbers is
essentially worthless because a computer can
brute force factor it relatively quickly.
The time it would take to brute force factor a
number is described as the order of the size of
the square root of the number to be factored.


A number that is 10 digits in length may be
factored with at most 105(100,000) cycles.
If the number being factored has 50 digits in it
then the brute force factoring would take
roughly 1025 cycles before coming across the
correct pair.


161521746670640296426473658228859984306663
144318152681524054709078245736590366297248
377298082656939330673286493230336261991466
938596691073112968626710792148904239628873
374506302653492009810626437582587089465395
941375496004739918498276676334238241465498
030036586063929902368192004233172032080188
726965600617167
That is 309 digits


Using the method described earlier to
approximate the time required to brute force
factor this key, it would take approximately
10154 cycles in order to brute force factor a
number that is 1024 bits.
Assuming that a computer is capable of
performing one million cycles per second it
would take 10149 seconds or 3.16142 Years to
come up with a solution.



At the moment RSA seems to be extremely
secure.
The main limitation of factoring this is the fact
that the number of computational cores are
limited to however many are in the CPU of the
machine in question.
Daniel J. Bernstein, a mathematics professor at
University of Illinois, suggested building a
machine specifically for factoring using many
computational cores much like a graphics card.



The idea was to pipeline the information in
such a way that the time required for a
complete factorization would be significantly
reduced.
Estimated Time would go from millions of
years to a couple minutes based on the number
of cores used in the factoring machine.
Bernstein’s goal was not to test RSA Security,
the Security questions were brought up only
after Bernstein’s Paper was published.

"While Bernstein's paper suggests some very
clever methods for reducing the amount of
memory required to break very large RSA
keys, his methods are all implementation
techniques for the Number Field Sieve,
currently the best method for factoring large
numbers. The basic number of operations
required by the Number Field Sieve, however,
is not reduced. Since previous security
estimates for 1024-bit RSA keys are based on
the number of operations required by the
Number Field Sieve, they still apply."

Arguments for RSA encryption state that
attacks that aim not at RSA itself but at a given
insecure implementation of RSA do not count
as "breaking RSA" because it is not any
weakness in the RSA algorithm that is
exploited, but rather a weakness in a specific
implementation.



How do you store a key that is 300+ digits
long?
What happens when a newer faster machine
comes to the market?
What happens if a more efficient algorithm for
factoring large integers is discovered?








1) James Tandon "Exploring RSA Encryption in OpenSSL" Sep 25, 2003
<http://www.linuxjournal.com/article/6826>
2) Zvezdelina Stankova-Frenkel "RSA Encryption" Dec 22, 2000
<http://mathcircle.berkeley.edu/BMC3/rsa/node4.html>
3) X5 Networks "Cryptography: What Would it Take to Break RSA?" Apr
28, 2012 <http://x5.net/faqs/crypto/q10.html>
4) Daniel J. Bernstein "Circuits for Integer Factorization: A Proposal" Nov
9, 2001 <http://cr.yp.to/papers/nfscircuit.pdf>
5) Robert D. Silverman "Has the RSA algorithm been compromised as a
result of Bernstein's Paper?" Apr 8, 2002
<http://www.rsa.com/rsalabs/node.asp?id=2007>
6) Divesh Aggarwal and Ueli Maurer "Breaking RSA Generically is
Equivalent to
Factoring" Jan 23, 2009
<ftp://ftp.inf.ethz.ch/pub/crypto/publications/AggMau09.pdf>
7) Michel I. Gallant "How Big are 1024 bit RSA Keys" Feb 16, 2004
<http://www.jensign.com/JavaScience/dotnet/CSPPrimes/index.html>
Download