NIST Announces the End of RSA and ECDSA

In a significant shift for cyber security, NIST has announced the deprecation of the RSA, ECDSA, and EdDSA public-key algorithms by 2030, with full disallowance by 2035. This transition, outlined in the NIST IR 8547 document (currently in draft), is driven by the growing quantum threat and sets a clear timeline for organizations to update their cryptographic systems.

While there may not yet be cryptographically relevant quantum computers that threaten current levels of security, these long-standing public-key algorithms remain vulnerable to Shor’s Algorithm on such future quantum systems. On the other hand, NIST-approved symmetric primitives providing at least 128 bits of security are unaffected by this change.

NIST has posted a transition schedule for post-quantum cryptography (PQC), outlining key milestones to help organizations adopt quantum-resistant algorithms. Three PQC standards, ML-KEM, ML-DSA, and SLH-DSA, are meant to strengthen modern public-key cryptography infrastructure for the quantum era.

The proposed timeline is expected to significantly influence the industry, with global attention now also on the European Union’s position on PQC, as many await its stance before proceeding with full-scale implementations.

To learn more, read the full NIST IR 8547 draft here.

Delving into the RSA Cryptosystem and Beyond

In my recent lectures (10 and 11) on Applied Cryptography, I delved into Public Key Cryptography (PKC) with a particular emphasis on the RSA cryptosystem. Starting with an examination of fundamental number theory, I introduced essential components such as the Extended Euclidean Algorithm, Euler’s Totient Function, and Fermat’s Little Theorem. Using the whiteboard, I also explained the Miller-Rabin primality test and the Square and Multiply algorithm through simple examples.

Building upon this foundation, I then delved into the RSA cryptosystem and why and how it works. In a practical application, I leveraged Python’s PyCryptodome library to demonstrate RSA encryption, also incorporating Optimal Asymmetric Encryption Padding (OAEP) for secure session key exchange with AES. Close to the end of the lecture, I also harnessed the power of SageMath to delve into mathematical attacks on RSA.

In my upcoming lecture, I will also introduce Elliptic Curve Cryptography (ECC). ECC is an alternative to RSA. It is based on a different trapdoor one-way function than RSA, and is used for digital signatures in cryptocurrencies, as well as one-way encryption of emails, data and software. While RSA key generation involves the selection of two large prime numbers, ECC key generation essentially involves choosing a random elliptic curve over a finite field.

If you have a project or initiative you would like to collaborate on, or if there is a specific area where our expertise aligns, do not hesitate to get in touch.