Repository logo
 

Large-scale analysis of the security of cryptographic keys

dc.contributor.advisorStakhanova, Natalia
dc.contributor.committeeMemberVassileva, Julita
dc.contributor.committeeMemberKeil, Mark
dc.contributor.committeeMemberZhang, Chris
dc.creatorRivera Carranza, Ronald Ernesto
dc.creator.orcid0000-0002-2841-7954
dc.date.accessioned2021-01-27T17:40:06Z
dc.date.available2021-01-27T17:40:06Z
dc.date.created2021-06
dc.date.issued2021-01-27
dc.date.submittedJune 2021
dc.date.updated2021-01-27T17:40:06Z
dc.description.abstractCryptographic algorithms are considered provably secure due to their strong mathematical foundation. Notwithstanding, real-life application of cryptographic algorithms and protocols continues to fail. These failures are frequently due to low entropy, faulty library implementation, and Application Programming Interface (API) misuse. Biases introduced during the generation process incorporate distinct bit patterns in RSA cryptographic keys allowing their attribution, thus endangering their advertised security. This thesis proposes a novel attribution approach to link cryptographic keys to their originating libraries based on moduli’s characteristics. We analyze over 6.5 million generated keys and show that only a few of these characteristics are enough to achieve a 75% accuracy in the attribution of individual keys to their originating library. Also, depending on the library, our approach is sensitive enough to pinpoint the corresponding major, minor, and build release information for several libraries with accuracy levels between 81% and 98%. We further explore the attribution of SSH keys collected from publicly facing IPv4 addresses proving that our approach differentiates individual libraries of RSA keys with a 95% accuracy.
dc.format.mimetypeapplication/pdf
dc.identifier.urihttp://hdl.handle.net/10388/13234
dc.subjectPublic-Key Cryptography
dc.subjectRSA
dc.subjectCryptography
dc.subjectAttribution
dc.subjectMachine Learning
dc.titleLarge-scale analysis of the security of cryptographic keys
dc.typeThesis
dc.type.materialtext
thesis.degree.departmentComputer Science
thesis.degree.disciplineComputer Science
thesis.degree.grantorUniversity of Saskatchewan
thesis.degree.levelMasters
thesis.degree.nameMaster of Science (M.Sc.)

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
RIVERACARRANZA-THESIS-2021.pdf
Size:
941.89 KB
Format:
Adobe Portable Document Format
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
LICENSE.txt
Size:
2.28 KB
Format:
Plain Text
Description: