(Difficult) The concept I struggled with in this section was dealing with timing attacks. I understand how such attacks might give you a rough idea on the order of 'e' or the order of 'n', but I don't understand how it could find exact binary values as mentioned in the section. The equation at the end of page 174 sounds like we can actually calculate the decryption key just by the timing of each computation in RSA. I also had a hard time understanding how they used statistics in this formula, finding the mean and variance.
(Reflective) The thing that I found most interesting in this lecture was the flexibility of RSA. There are some very well thought attacks against RSA, but almost all of them can be avoided using a few basic guidelines. The way we generate the primes p and q, the way we pick the exponents e and d, and how we construct the message m can all become weaknesses if we are not careful. The only attack that seemed serious was the timing attacks, although the book mentions that there are ways to avoid this attack as well. It made me think back to Kerchoff's Principle. RSA is laid out in the simplest way. Everyone has the public key encryption method, and everyone knows how the decryption method works, but it still stands up against cryptanalysis quite well.
No comments:
Post a Comment