Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/53222
Title: Black-box cryptography is dangerous III
Authors: Lee, Esther Yu Ling.
Keywords: DRNTU::Library and information science::Cryptography
Issue Date: 2013
Abstract: Cryptographic libraries are readily available for developers to use and download however, many a times, developers do not understand or check the exact codes that they have downloaded and are implementing. Developers who do not check the implementation of the libraries and just use the libraries without knowing its functionality is similar to using cryptography as a black box device. The issue of a SETUP(Secretly Embedded Trapdoor with Universal Protection) mechanism can be used to leak encrypted information inside a cryptographic algorithm has been raised by Adam Young and Moti Yung, hence this project will explore SETUP attacks on security APIs that are used in a black box manner. This project focuses on the implementation of a SETUP attack on RSA on a Windows OS and on the Java Security Architecture. The project is able to show that Windows OS and the Java Security Architecture are quite easily vulnerable to SETUP attacks as security APIs can be modified into contaminated code rather easily. The project is somewhat unsuccessful in emulating a SETUP attack on RSA by affecting the prime factor generation due to fluctuations in its runtime, however, it is still able to show much potential in being a feasible mode of attack if that aspect can be improved on.
URI: http://hdl.handle.net/10356/53222
Rights: Nanyang Technological University
Fulltext Permission: restricted
Fulltext Availability: With Fulltext
Appears in Collections:SCSE Student Reports (FYP/IA/PA/PI)

Files in This Item:
File Description SizeFormat 
FYP report_esther_amended.pdf
  Restricted Access
amended report846.42 kBAdobe PDFView/Open

Page view(s) 50

364
checked on Oct 26, 2020

Download(s) 50

38
checked on Oct 26, 2020

Google ScholarTM

Check

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.