In this paper, we present a parallel approach to the common factor attack on RSA moduli obtained by mining TLS and SSH certificates from the Internet. Our work generalizes that of Heninger et al. (2012) to a resource-constrained environment, where memory may not be sufficient to build the product tree required for batch-wise GCD computation on the entire dataset. We propose a data-parallel routine that efficiently exploits the batch-wise GCD algorithm in a resource-constrained setting, and we mount the common factor attack on TLS and SSH certificates to obtain the set of vulnerable RSA moduli with reasonable accuracy.
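An added example (not the paper's routine) of how an audit of a key inventory can run batch GCD when the full product tree does not fit in memory: the moduli are split into chunks, each chunk is checked internally with a product and remainder tree, and each chunk is then checked against the product of every other chunk. The chunking scheme, the function names and the toy moduli are assumptions made for illustration.

```python
from itertools import permutations
from math import gcd, prod

def product_tree(values):
    """Levels of pairwise products: tree[0] holds the leaves, tree[-1] the root."""
    tree = [list(values)]
    while len(tree[-1]) > 1:
        level = tree[-1]
        tree.append([prod(level[i:i + 2]) for i in range(0, len(level), 2)])
    return tree

def remainders(x, tree, square=False):
    """Remainder tree: x mod n (or x mod n^2) for every leaf n."""
    rems = [x]
    for level in reversed(tree):
        rems = [rems[i // 2] % (n * n if square else n) for i, n in enumerate(level)]
    return rems

def within_chunk(chunk):
    """Batch GCD inside one chunk: gcd(n, (P / n) mod n), P the chunk product."""
    tree = product_tree(chunk)
    z = remainders(tree[-1][0], tree, square=True)
    return [gcd(n, r // n) for n, r in zip(chunk, z)]

def across_chunks(chunk_a, chunk_b):
    """gcd of each modulus in chunk_a with the product of chunk_b."""
    r = remainders(prod(chunk_b), product_tree(chunk_a))
    return [gcd(n, x) for n, x in zip(chunk_a, r)]

def shared_factors(moduli, chunk_size):
    """Map every modulus that shares a factor with another to one such gcd."""
    chunks = [moduli[i:i + chunk_size] for i in range(0, len(moduli), chunk_size)]
    # Each entry is an independent task; a worker only ever holds two chunks.
    results = [(c, within_chunk(c)) for c in chunks]
    results += [(a, across_chunks(a, b)) for a, b in permutations(chunks, 2)]
    found = {}
    for chunk, gcds in results:
        for n, g in zip(chunk, gcds):
            if g > 1:  # g == n means a duplicate modulus or both primes shared
                found.setdefault(n, g)
    return found

# Constructed toy moduli (products of small primes), not real certificate data.
MODULI = [101 * 103, 107 * 109, 101 * 113, 127 * 131, 137 * 139, 109 * 149]

if __name__ == "__main__":
    for n, g in sorted(shared_factors(MODULI, chunk_size=4).items()):
        print(f"{n} = {g} * {n // g}")
```

The within-chunk and cross-chunk tasks share no state, so they can be handed to separate workers; the price of the smaller trees is a number of cross-chunk tasks that grows quadratically with the number of chunks.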
[1] Nadia Heninger, et al. Weak Keys Remain Widespread in Network Devices. Internet Measurement Conference, 2016.
[2] Arjen K. Lenstra, et al. Ron was wrong, Whit is right. IACR Cryptol. ePrint Arch., 2012.
[3] Tanja Lange, et al. Factoring RSA keys from certified smart cards: Coppersmith in the wild. IACR Cryptol. ePrint Arch., 2013.
[4] Adi Shamir, et al. A method for obtaining digital signatures and public-key cryptosystems. CACM, 1978.
[5] Carl Pomerance, et al. A Tale of Two Sieves. 1998.