RSA in the Real World

I study computer security and applied cryptography using a
theoretician's mathematical toolkit. Security vulnerability analysis
can often be a painstaking and implementation-specific process. My
approach uses cryptographic and algorithmic ideas to reason about the
security of deployed systems, to question assumptions underlying the
security of these systems, and to understand and model threats.

In this talk, I will use RSA, the world's most widely used public key
cryptosystem, as a vehicle to explore the interaction between
cryptographic algorithms and real-world usage:

– Discovering widespread catastrophic failures in the random number
generators in millions of network devices by computing the greatest
common divisors of millions of RSA public keys collected in the
wild.

– Reconstructing RSA private keys using only a few bits of the private
key revealed in the course of a side-channel attack.

In addition to their impact on security, many of the ideas arising in
the course of this work have surprising connections across computer
science, leading to, for example, new algorithms for decoding families
of error-correcting codes, applications within theoretical
cryptography, and practical privacy-enhancing technologies.
Nadia Heninger is a visiting researcher at Microsoft Research New
England. Her research focuses on security, applied cryptography, and
algorithms. She is best known for her work identifying widespread
entropy problems in cryptographic keys on the Internet (2012 Usenix
Security best paper award), and developing the "cold boot" attack
against disk encryption systems (2008 Usenix Security best student
paper award). In 2011-2012, she was an NSF Mathematical Sciences
Postdoctoral Fellow at UC San Diego. She received her Ph.D. in
computer science in 2011 from Princeton and a B.S. in electrical
engineering and computer science in 2004 from UC Berkeley.