Security and Complexity Analysis of Kleptographic Backdoors for RSA Cryptosystems

Emre CERAN, Mehmet Sabır KİRAZ, Osmanbey UZUNKOL

Abstract


This work examines kleptography, a subdiscipline that can be summarized as "the study of stealing secret information from a cryptographic system undetectably and solely through algorithmic modifications". It covers the kleptographic attack scenarios designed against the RSA cryptosystem, the associated algorithms, and comparative analyses of the results obtained by implementing these algorithms alongside the standard algorithms that contain no attack. In particular, in these studies some of the attacks have been implemented, but analyses sufficient to show how their behaviour differs from that of the standard algorithm have not been carried out. In this work, statistical tests sufficient to distinguish the attacks were performed and the results were analysed.


Keywords


Kleptography; Cryptography; RSA; Cryptographic backdoor



DOI: http://dx.doi.org/10.19113/sdufbed.70723





This work is licensed under a Creative Commons Attribution 4.0 License.

ISSN: 1300-7688
e-ISSN: 1308-6529