We know that blockchain essentially works on the basis of cryptography and one of the most widely used cryptographic algorithms is RSA or the Rivest-Shamir-Adlemen algorithm. Although it is a rather secure algorithm, hackers often find their ways around it to crack it and attack it. Here’s looking at a few ways in which RSA algorithm can be attacked:

Attacks on the RSA can be broken down into two main types. The first type includes those attacks that try to overpower the mathematical function that lies at the core of the algorithm. The second type involves taking advantage of weak links in the superstructure, of faulty implementation of the algorithm.

## Brute Force Attack: Combing Through the Message Space

In public key algorithms such as RSA, one obvious vulnerability that remains is that the encryption algorithm is readily available to anyone. Therefore, someone who’s looking to attack it can make an effort to encrypt every block of message,till they successfully match one with a ciphertext block. However, having said that, this isn’t the easiest attack to wage because the blocks are rather large in size and if such an attack is attempted, it could, quite literally, take forever to accomplish.

## Blinding Attack

When the Blind Signature scheme is being used in the RSA algorithm, the blind signer maybe tricked into blind signing another message, resultantly revealing the contents of the target message of the hackers to them.

## Ciphertext Attack

In this kind of an attack, the hacker is usually well aware of both the ciphertext as well as the plaintext. This means they only have to encrypt something and make an attempt to crack the key and find d, the private exponent. For this, attackers would possibly need to carry out a trial with every possible system key on the ciphertext till they find that the ciphertext has been successfully reversed into the original plaintext. Finding the d is the key to finding the factors of n to then take down the system fully. Once that has been done, it is a breeze to decrypt remaining ciphertexts. This attack is also not too efficient because it takes a great deal of time to try and solve such a large number of possibilities for d. The process of factorising n is also quite complex and takes up too much time. If one really must use this method of attack, having an algorithm for n factorisation first makes more sense than to directly go into using the ciphertext attack.

## Cycle Attack:

A lot like ciphertext attack, a cycle attack requires one to repeatedly work on encrypting the ciphertext, counting how many times it’s being done, till the original text is revealed. The number of rounds needed, once found out, can be used to decrypt any ciphertext. However, again, this process is extremely slow and not too practical if the key is too large. The attack can work somewhat more efficiently if it is generalized in such a way that the modulus can be factored. Even so, the problem of a large key remains.

## Low Exponent Attack

Often, to avoid a cycle attack, RSA Algorithm is secured by using the encrypting exponent as e=3. This means that the same exponent or message is encrypted thrice using different moduli. However, even this can be broken by using what is known as the Chinese Remainder Theorem.

## Taking Advantage of A Common Moduli

Often, users in an RSA system, especially those working in the same organization, would share a common public modulus, chosen by the management and distributed to all their workers. This saves time but also makes the system vulnerable as any attacker can eavesdrop to access whatever messages are encrypted using a couple of keys. Insiders, especially, pose more of a threat to the security of the system, as they can view all messages by logging in with any co-worker’s key and taking the system down.

## Factoring the Public Key

This is the most effective way of attacking the RSA algorithm. RSA is an asymmetric algorithm, which means that it has a public key and a private key, the duality of which is based on the fact that it is extremely difficult to factor two large prime numbers. Now, a computer can break this by using the highest common factor of two large numbers using the Euclidean algorithm. If the HCF is anything other than 1, then the factorisation problem is easily bypassed and the attacker can break both keys simultaneously.

## Leave a Comment