Title :
Random data and key generation evaluation of some commercial tokens and smart cards
Author :
Boorghany, Ahmad ; Sarmadi, Siavash Bayat ; Yousefi, Pamian ; Gorji, Pouneh ; Jalili, Rasool
Author_Institution :
Comput. Eng. Dept., Sharif Univ. of Technol., Tehran, Iran
Abstract :
In this paper, we report our evaluation of the strength of random number generator and RSA key-pair generator of some commercially available 1 constrained hardware modules, i.e., tokens and smart cards. That was motivated after recent related attacks to RSA public keys, which are generated by constrained network devices and smart cards, and turned out to be insecure due to low-quality randomness. Those attacks are mostly computing pair-wise GCD between the moduli in public keys, and resulted in breaking several thousands of these keys. Our results show that most of the tested hardware modules behave well. However, some have abnormal or weak random generators which seem to be unsuitable for cryptographic purposes. Moreover, another hardware module, in some rare circumstances, unexpectedly generates moduli which are divisible by very small prime factors.
Keywords :
public key cryptography; smart cards; RSA key-pair generator; RSA public keys; commercial tokens; commercially available constrained hardware modules; constrained network devices; cryptographic purposes; key generation evaluation; low-quality randomness; pair-wise GCD; random data evaluation; random number generator; smart cards; weak random generators; Generators; Hardware; Java; Public key; Smart cards; Cryptography; GCD Attack; Hardware Security Module; RSA Common Prime; Random Generator Evaluation;
Conference_Titel :
Information Security and Cryptology (ISCISC), 2014 11th International ISC Conference on
Conference_Location :
Tehran
DOI :
10.1109/ISCISC.2014.6994021
