The following technical report is available from
http://aib.informatik.rwth-aachen.de:
Information Hiding in the Public RSA Modulus
Stefan Wüller, Marián Kühnel, and Ulrike Meyer
AIB 2015-11
The manufacturer of an asymmetric backdoor for a public key cryptosystem
manipulates the key generation process in such a way that he can extract
the private key or other secret information from the user's public key
by involving his own public/private key pair. All backdoors in major
public key cryptosystems, including RSA, differ substantially in their
implementation approaches and in their quality in satisfying backdoor
related properties like confidentiality or concealment. While some of
them meet neither of these two properties very well, others provide a
high level of confidentiality but none of them is concealing, which
limits their use for covert implementation. In this work we introduce
two novel asymmetric RSA backdoors, both following the approach to embed
bits of one of the RSA prime factors in the user's public RSA modulus.
While our first backdoor provides confidentiality for a sufficiently
large key length, it might be detected under certain circumstances. The
second backdoor extends the first one such that it additionally provides
concealment and is thus particularly suitable for covert implementation.
