A space efficient backdoor in RSA and its applications

25Citations
Citations of this article
27Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

In this paper we present an RSA backdoor that, for example, can be used for a hardware-based RSA key recovery system. The system is robust in the sense that a successful reverse-engineer is not able to obtain previous nor future RSA private keys that have been/will be generated within the key generation device. The construction employs the notion of two elliptic curves in which one is the "twist" of the other. We present a proof in the random oracle model that the generated RSA key pairs that are produced by the cryptographic black-box are computationally indistinguishable (under ECDDH) from "normal" RSA key pairs, thus ensuring the integrity of the outputs. Furthermore, the security level of the key recovery mechanism is nearly identical to that of the key pair being generated. Thus, the solution provides an "equitable" level of security for the end user. This solution also gives a number of new kleptographic applications. © Springer-Verlag Berlin Heidelberg 2006.

Cite

CITATION STYLE

APA

Young, A., & Yung, M. (2006). A space efficient backdoor in RSA and its applications. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3897 LNCS, pp. 128–143). https://doi.org/10.1007/11693383_9

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free