Cryptography Reference
In-Depth Information
powerful than the simple power analysis (SPA) shown in this section. On the other
hand, numerous countermeasures against DPA are known. Good references are
The
Side Channel Cryptanalysis Lounge
[70] and the excellent topic on DPA [113].
Related implementation-based attacks are
fault injection attacks
and
timing attacks
.
It is important to stress that a cryptosystem can be mathematically very strong but
still be vulnerable to side-channel attacks.
7.11 Lessons Learned
RSA is the most widely used public-key cryptosystem. In the future, elliptic
curve cryptosystems will probably catch up in popularity.
RSA is mainly used for key transport (i.e., encryption of keys) and digital signa-
tures.
The public key
e
can be a short integer. The private key
d
needs to have the
full length of the modulus. Hence, encryption can be significantly faster than
decryption.
RSA relies on the integer factorization problem. Currently, 1024-bit (about 310
decimal digits) numbers cannot be factored. Progress in factorization algorithms
and factorization hardware is hard to predict. It is advisable to use RSA with
a 2048-bit modulus if one needs reasonable long-term security, especially with
respect to extremely well funded attackers.
“Schoolbook RSA” allows several attacks, and in practice RSA should be used
together with padding.
