Cryptography: Difference between revisions
Jump to navigation
Jump to search
Line 111: | Line 111: | ||
</pre> |
</pre> |
||
Other method based on the ''General Number Field Sieve'' (GNFS). There are several free ports on Linux: |
Other method based on the ''General Number Field Sieve'' (GNFS). There are several free ports on Linux: |
||
* [http://gladman.plushost.co.uk/oldsite/computing/factoring.php], links to other projects like GGNFS, MSIEVE, YAFU, up-to-date binaries, Python... |
|||
⚫ | |||
* [http://www.math.ttu.edu/~cmonico/software/ggnfs/ GGNFS], which is based on GMP library. |
* [http://www.math.ttu.edu/~cmonico/software/ggnfs/ GGNFS], which is based on GMP library. |
||
⚫ | |||
* [https://sourceforge.net/projects/factor-by-gnfs/ factor-by-gnfs] |
|||
* [http://sites.google.com/site/bbuhrow/home YAFU], Yet Another Factorization Utility |
|||
* [http://www.flintlib.org/ Flint] documentation refers to a program '''mpQS''' that would implement the quadratic sieve method. |
* [http://www.flintlib.org/ Flint] documentation refers to a program '''mpQS''' that would implement the quadratic sieve method. |
Revision as of 10:40, 3 September 2010
Key Lengths
RSA
See recommendations from Bruce Schneier in Applied Cryptography (§7.2, [1]). See also [2]
Year | vs. industry | vs. Corporate | vs. Government |
---|---|---|---|
1995 | 768 | 1280 | 1536 |
2000 | 1024 | 1280 | 1536 |
2005 | 1280 | 1536 | 2048 |
2010 | 1280 | 1536 | 2048 |
2015 | 1536 | 2048 | 2048 |
Generate RSA Keys
Under Linux, Install package racoon. Then you can use plainrsa-gen to generate a RSA key pair:
sudo plainrsa-gen -b 2048 -e 3
# : PUB 0sAQOTQ2zIwqxqjy4LRTwXEHB/WdxMrrcldKBAut3siLnuQMCDFGkwSfOc9v+77ibPDqtJQj0C8nys7+W1gI3o6yht+SjG+m16hZwvwl0Mt81E11Tca6k6py1wNmntxvePtotG3uk6MhqpluJAUeOxIL6YcHLcsgBi19gwHiU1YBFF2Q== : RSA { # RSA 1024 bits # pubkey=0sAQOTQ2zIwqxqjy4LRTwXEHB/WdxMrrcldKBAut3siLnuQMCDFGkwSfOc9v+77ibPDqtJQj0C8nys7+W1gI3o6yht+SjG+m16hZwvwl0Mt81E11Tca6k6py1wNmntxvePtotG3uk6MhqpluJAUeOxIL6YcHLcsgBi19gwHiU1YBFF2Q== Modulus: 0x93436cc8c2ac6a8f2e0b453c1710707f59dc4caeb72574a040baddec88b9ee40c08314693049f39cf6ffbbee26cf0eab49423d02f27cacefe5b5808de8eb286df928c6fa6d7a859c2fc25d0cb7cd44d754dc6ba93aa72d703669edc6f78fb68b46dee93a321aa996e24051e3b120be987072dcb20062d7d8301e2535601145d9 PublicExponent: 0x03 PrivateExponent: 0x622cf33081c8470a1eb22e280f604aff913d88747a18f86ad5d1e9485b269ed5d5acb84620314d134f5527f419df5f1cdb817e01f6fdc89fee79005e9b4770484de1f0c003dcbeac2290f28f5594022ec0ca86fd0618ec77d0db3f24e0ddd9339a77b1126f3256d9405ce86bcd456f4db2ef0c019a763abee74eb29cb161568b Prime1: 0xc37626fcd807b365f62e70d07ad1c2383f0a987f373eca93bbd723bd6676062263fef48a1c99efbb4e2d64d82fecc1756ea3845db786746d9145f5c267931f5d Prime2: 0xc0dfb6dd8fa7b43405ba80653c9d7f58f4a208ae7a430028c149eb523fccea9b7b2c6b146eb53795b3879069cd4bd62e7568c651e12b0b4c43e22387ee6c24ad Exponent1: 0x824ec4a890052243f9744b35a736817ad4b1baff7a29dc627d3a17d399a40416ed54a306bdbbf527897398901ff32ba39f17ad93cfaef8490b83f92c450cbf93 Exponent2: 0x80952493b51a7822ae7c5598d313aa3b4dc15b1efc2caac5d631478c2a889c67a772f20d9f237a63cd050af13387e41ef8f08436961cb232d7ec17aff4481873 Coefficient: 0x80c5560ddad756e413c19fb39c83370dfa3ca5881ebb0b0a5098fbd81b007e20c7b7a104b0aada943d2f5ae64409a9e3b677e10d5c20f414959a621852424b19 }
Another solution is to use openssl
:
openssl genrsa 256 | openssl asn1parse
This gives:
Generating RSA private key, 256 bit long modulus ....+++++++++++++++++++++++++++ ..........+++++++++++++++++++++++++++ e is 65537 (0x10001) 0:d=0 hl=3 l= 171 cons: SEQUENCE 3:d=1 hl=2 l= 1 prim: INTEGER :00 6:d=1 hl=2 l= 33 prim: INTEGER :BEF5D2D6550C4CF428A59A9099573D325D350F603E0C538B17CE6AFA7D2513B9 41:d=1 hl=2 l= 3 prim: INTEGER :010001 46:d=1 hl=2 l= 32 prim: INTEGER :316F66238264EACF126EBCB2CE5F9D41A74C7DE23069107B73CB664B505C0BD9 80:d=1 hl=2 l= 17 prim: INTEGER :F83F3AAC16EA5DFDCF8F08C85415EEA3 99:d=1 hl=2 l= 17 prim: INTEGER :C4EC941CCE450AF0B6ED7AA8D73225F3 118:d=1 hl=2 l= 17 prim: INTEGER :ECCFB472B1B185543809E480E5E5BE2D 137:d=1 hl=2 l= 17 prim: INTEGER :8CF9A4AADE8C14E1F0C31FEDA169383B 156:d=1 hl=2 l= 16 prim: INTEGER :1E8BD8FD9E1B1FC747B2C269ECA6CAA5
The following script will generate 10 keys for each size in the set {1024 1536 1664 1792 1920 2048 2304 2560 2816 3072 3328 3584 3840 4096}:
#! /bin/bash
#
# Script to generate a batch of RSA keys of various length
#
function gen-one-key()
{
openssl genrsa $1 | openssl pkcs8 -topk8 -nocrypt -outform DER -out "$2-pk8.der"
openssl asn1parse -inform DER -in "$2-pk8.der" > "$2-pk8.txt"
echo -e "\n############### Content of RSA Private Key object ###############\n" >> "$2-pk8.txt"
openssl pkcs8 -inform DER -in "$2-pk8.der" -nocrypt | openssl asn1parse >> "$2-pk8.txt"
}
for keylength in 1024 1536 1664 1792 1920 2048 2304 2560 2816 3072 3328 3584 3840 4096; do
for keyidx in $(seq 1 10); do
keyname="rsakey-${keylength}b-$(printf '%02d' $keyidx)"
echo "########## gen-one-key $keylength \"$keyname\""
gen-one-key $keylength "$keyname"
done
done
Factorize RSA
# RSA 192-bit
mod192=0xbdd0fcbce5f05aae8049f0699443b575c3119a00f712fd67
print "Factoring RSA 192-bit modulus"
print "mod192=",mod192
print "Using factor():"
time mod192.factor()
print "Using ecm.factor():"
time ecm.factor(mod192)
This gives:
Factoring RSA 192-bit modulus mod192= 4654283518078358737104805100407304944292151641869472955751 Using factor(): 67662411935248621468167032027 * 68786840210963828271650042213 Time: CPU 12.14 s, Wall: 13.55 s Using ecm.factor(): [67662411935248621468167032027, 68786840210963828271650042213] Time: CPU 0.00 s, Wall: 62.04 s
Other method based on the General Number Field Sieve (GNFS). There are several free ports on Linux:
- [4], links to other projects like GGNFS, MSIEVE, YAFU, up-to-date binaries, Python...
- GGNFS, which is based on GMP library.
- kmGNFS - A General Number Field Sieve (GNFS) Implementation, based on NTL library.
- factor-by-gnfs
- YAFU, Yet Another Factorization Utility
- Flint documentation refers to a program mpQS that would implement the quadratic sieve method.