Cryptography / Algorithms [ Theory and implementation of cryptographic algorithms... ]
Factoring RSA Keys With TLS Perfect Forward Secrecy
This report describes the successful factorization of RSA moduli, by connecting to faulty TLS servers which enable forward secrecy and which use an insufficiently hardened RSA-CRT implementation. The history of this particular RSA-CRT implementation defect is discussed, and the current state of countermeasures is reviewed. Some familiarity with the RSA cryptosystem and the Transport Layer Security protocol suite is assumed.