RSA & ECC Attack Prevention

TL;DR

This guide explains how to protect your RSA and Elliptic Curve Cryptography (ECC) systems from common attacks. We’ll cover key generation, padding schemes, side-channel attacks, and certificate validation.

Improving RSA & ECC Security

  1. Key Generation: Weak keys are the easiest target.
    • RSA: Use a key size of at least 2048 bits, preferably 3072 or 4096 for long-term security. Generate keys using strong random number generators (RNGs). Avoid predictable seeds.
    • ECC: Use curves like secp256r1 (also known as P-256) with a key size of at least 256 bits. Ensure your RNG is secure.
  2. Padding Schemes (RSA): Proper padding prevents the attacks that unpadded ("textbook") RSA is open to.
    • PKCS#1 v1.5 Padding: While widely used, it’s vulnerable to Bleichenbacher attacks. Avoid if possible.
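    • OAEP (Optimal Asymmetric Encryption Padding): The recommended padding scheme for RSA encryption. It adds randomness and structure, making it much harder to break. Most libraries implement this by default now. The OpenSSL command line defaults to PKCS#1 v1.5 for RSA, so request OAEP explicitly and encrypt with the recipient's public key. Example using OpenSSL:
      openssl pkeyutl -encrypt -pubin -inkey public.pem -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 -in message.txt -out encrypted_message.enc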
    • PSS (Probabilistic Signature Scheme): Use for RSA signatures, offering similar security benefits to OAEP.
  3. Side-Channel Attacks: These attacks exploit information leaked during cryptographic operations (timing, power consumption).
    • Timing Attacks: Implement constant-time algorithms, where the execution time doesn’t depend on secret data. Libraries usually handle this, but verify it yourself if you’re using custom code.
    • Power Analysis: More difficult to defend against, often requires specialized hardware and software countermeasures. Consider using cryptographic accelerators designed with side-channel resistance in mind.
  4. ECC Specific Considerations: ECC is generally more secure for a given key size than RSA but still needs careful implementation.
    • Curve Choice: Stick to well-vetted, standard curves like secp256r1. Avoid custom or obscure curves unless you have a very good reason and expert knowledge.
    • Point Validation: Always validate the points used in ECC operations (addition, multiplication) to prevent invalid curve attacks.
  5. Certificate Validation: Crucial for ensuring you’re communicating with the intended party.
    • Chain of Trust: Verify the entire certificate chain back to a trusted root Certificate Authority (CA).
    • Revocation Lists (CRLs) & OCSP: Check if certificates have been revoked. OCSP stapling is preferred as it reduces load on CRL servers.
    • Hostname Verification: Ensure the certificate’s hostname matches the server you are connecting to.
  6. Key Storage: Protect your private keys!
    • Hardware Security Modules (HSMs): The most secure option, storing keys in dedicated hardware.
    • Secure Enclaves: Use technologies like Intel SGX or ARM TrustZone to protect keys within a trusted execution environment.
    • File System Permissions: If you must store keys on disk, restrict access using strong file system permissions (e.g., only readable by the appropriate user/service). Encrypt the key files at rest.
  7. Regular Updates & Audits: Keep your cryptographic libraries and software up to date with the latest security patches. Regularly audit your systems for vulnerabilities.
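
Added example (not part of the original guide): one way to carry out the point validation from step 4 on a peer-supplied secp256r1 public key in uncompressed SEC1 form (0x04 || X || Y), in plain Python. The function names and the InvalidPoint exception are illustrative assumptions; the constants are the standard secp256r1 domain parameters.

```python
# Added example: validate a peer's P-256 public key before using it in ECDH.
# Standard secp256r1 (NIST P-256) domain parameters.
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5


class InvalidPoint(ValueError):
    """Raised when an encoded public key must not be used (hypothetical name)."""


def on_curve(x, y):
    """True if (x, y) satisfies y^2 = x^3 + ax + b over GF(p)."""
    return (y * y - (x * x * x + A * x + B)) % P == 0


def parse_and_validate(encoded):
    """Decode an uncompressed SEC1 point and return (x, y) if it is valid.

    Rejects the point at infinity, wrong lengths, coordinates outside
    [0, p-1] and points that are not on the curve. P-256 has cofactor 1,
    so an on-curve point other than infinity is already in the right group.
    """
    if encoded == b"\x00":
        raise InvalidPoint("point at infinity")
    if len(encoded) != 65 or encoded[0] != 0x04:
        raise InvalidPoint("expected a 65-byte uncompressed point")
    x = int.from_bytes(encoded[1:33], "big")
    y = int.from_bytes(encoded[33:], "big")
    if x >= P or y >= P:
        raise InvalidPoint("coordinate out of range")
    if not on_curve(x, y):
        raise InvalidPoint("point is not on secp256r1")
    return x, y


def encode(x, y):
    """Build an uncompressed encoding; used for the constructed samples."""
    return b"\x04" + x.to_bytes(32, "big") + y.to_bytes(32, "big")


def is_valid(encoded):
    """Boolean wrapper around parse_and_validate."""
    try:
        parse_and_validate(encoded)
        return True
    except InvalidPoint:
        return False
```

Well-maintained libraries run this check when they load a public key; custom ECDH code has to do it before any scalar multiplication.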
