Cryptography

NIST Announces the End of RSA and ECDSA

/ bugejajoseph / Leave a comment

In a significant shift for cyber security, NIST has announced the deprecation of RSA, ECDSA, and EdDSA encryption algorithms by 2030, with a full disallowance by 2035. This transition, outlined in the NIST IR 8547 document (currently in draft), is driven by the growing quantum threat and sets a clear timeline for organizations to update their cryptographic systems.

While there may be no cryptographically relevant quantum computers yet that currently threaten levels of security, these long-standing public-key algorithms remain vulnerable to Shor’s Algorithm on such future quantum systems. On the other hand, NIST-approved symmetric primitives providing at least 128 bits of security are unaffected by this change.

NIST has posted a transition schedule for post-quantum cryptography (PQC), outlining key milestones to help organizations adopt quantum-resistant algorithms. Three PQC standards to strengthen modern public-key cryptography infrastructure for the quantum era include ML-KEM, ML-DSA, and SLH-DSA.

The proposed timeline is expected to significantly influence the industry, with global attention now also on the European Union’s position on PQC, as many await its stance before proceeding with full-scale implementations.

To learn more, read the full NIST IR 8547 draft here.

Understanding Stream Ciphers with LFSRs

/ bugejajoseph / Leave a comment

Last week, I delivered a lecture at the University of Malta on stream ciphers, building on our previous session on pseudorandom number generation. We had previously covered PRNGs and CSPRNGs, providing the foundation for understanding secure encryption methods, leading to our discussion on Linear Feedback Shift Registers (LFSRs) and their role in stream ciphers.

LFSRs are simple yet powerful tools in cryptography. They generate sequences based on their current state and a feedback mechanism, making them useful in stream ciphers due to minimal hardware needs and long outputs. LFSRs consist of a series of flip-flops connected in a chain, with the output of some flip-flops XORed and fed back into the input. This feedback loop creates a pseudorandom sequence of bits, which can be used as a keystream for encryption.

Students explored how LFSRs create cryptographic bitstreams, essential for understanding more advanced systems. Below is a Python code snippet of a basic 4-bit LFSR, illustrating how its state evolves and new bits are generated through feedback.

state = 0b1001
for i in range(20):
print("{:04b}".format(state))
newbit = (state ^ (state >> 1)) & 1
state = (state >> 1) | (newbit << 3)

Delving into the RSA Cryptosystem and Beyond

/ bugejajoseph / Leave a comment

In my recent lectures (10 and 11) on Applied Cryptography, I delved into Public Key Cryptography (PKC) with a particular emphasis on the RSA cryptosystem. Initiating with an examination of fundamental number theory, I introduced essential components such as the Extended Euclidean Algorithm, Euler’s Totient Function, and Fermat’s Little Theorem. Utilizing the whiteboard, I also explained through simple examples the Miller-Rabin primality test and the Square and Multiply algorithm.

Building upon this foundation, I then delved into the RSA cryptosystem and why and how it works. In a practical application, I leveraged the Python’s PyCryptodome library to demonstrate RSA encryption, incorporating also the Optimal Asymmetric Encryption Padding (OAEP) for secure session key exchange with AES. Close to the end of lecture, I also harnessed the power of SageMath to delve into mathematical attacks on RSA. 

In my upcoming lecture, I will introduce also Elliptic Curve Cryptography (ECC). ECC is an alternative to the RSA. It is based on a different trapdoor one-way function than RSA, and is used for digital signatures in cryptocurrencies, as well as one-way encryption of emails, data and software. While the RSA key generation involves the selection of two large prime numbers, ECC key generation essentially involves choosing a random elliptic curve over a finite field. 

If you have a project or initiative you would like to collaborate on, or if there is a specific area where our expertise aligns, do not hesitate to get in touch.

My First Lecture at the University of Malta

/ bugejajoseph / Leave a comment
Snapshot of the title slide captured prior to the lesson.

I initiated the Applied Cryptography course at the University of Malta on Monday evening. As a cyber security professional and academic with a strong commitment to the field of information security, I am genuinely excited to be leading this specialized academic course this year.

Throughout the introductory lecture, I delved into the foundational concepts of cryptology, emphasizing its profound relevance within contemporary security applications. The pedagogical discourse traversed a diverse spectrum of topics, encompassing cryptographic mechanisms, the examination of classical substitution ciphers and their formal representations, a concise introduction to cryptanalysis, and more.

I am excited to be a part of this journey and look forward to the next lecture in this course on Monday!