Experimental detection of anomalies in public key infrastructure

Cryptographic techniques authenticate users and protect information confidentiality. These tasks are performed by subsystems called Oracles. The most popular Oracle is the RSA system based on two large primes granting secure services. In 2008, a programming error in Open-SSL of the Debian system wa...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Castro Lechtaler, Antonio, Cipriano, Marcelo, Malvacio, Eduardo
Formato: Objeto de conferencia
Lenguaje:Inglés
Publicado: 2012
Materias:
Ciencias Informáticas
informática
asymmetric cryptography
SSL
RSA
prime integers
predictable primes
Acceso en línea:http://sedici.unlp.edu.ar/handle/10915/23843
Aporte de:
SEDICI (UNLP) de Universidad Nacional de La Plata
Descripción
Sumario:Cryptographic techniques authenticate users and protect information confidentiality. These tasks are performed by subsystems called Oracles. The most popular Oracle is the RSA system based on two large primes granting secure services. In 2008, a programming error in Open-SSL of the Debian system was detected. Its biased number generator created system vulnerabilities by turning certificates predictable. This paper analyses the generic performance of a RSA cryptographic Oracle and develops a methodology to detect irregularities and anomalies in the quality of the certificates. Ten million certificates delivered by a private PKI were analyzed and found significant differences between theoretical predictions and experimental results.

Ejemplares similares