Embedding asymmetric backdoors into the RSA key generator
Abstract
This article describes a class of asymmetric backdoors in the RSA key generator. The algorithms are based on the classical Anderson backdoor but, unlike it, are resistant to attacks on the backdoor key embedded in the implementation, and can therefore be used in open-source systems. The similarity of the constructed SETUP mechanisms to the ROCA vulnerability is also demonstrated.
References
Young, A., Yung, M.: Kleptography: Using Cryptography against Cryptography. In: EUROCRYPT '97, Lecture Notes in Computer Science, vol. 1233, pp. 62–74. Springer (1998)
Zhukov, A.E., Markelova, A.V.: Cryptography and Kleptography. Backdoors in the RSA Algorithm. Zaŝita informacii. Inside (ISSN 2413-3582) 2, 74–79 (2019)
Thomas, S.L., Francillon, A.: Backdoors: Definition, Deniability and Detection. In: Bailey, M., Holz, T., Stamatogiannakis, M., Ioannidis, S. (eds.) Research in Attacks, Intrusions, and Defenses (RAID 2018), Lecture Notes in Computer Science, vol. 11050. Springer, Cham (2018)
Bannier, A., Filiol, E.: Partition-based Trapdoor Ciphers. InTech (2017)
Simmons, G.J.: The prisoners' problem and the subliminal channel. In: Chaum, D. (ed.) Advances in Cryptology: Proceedings of Crypto 83, pp. 51–67. Plenum Press, New York (1984)
Simmons, G.J.: The history of subliminal channels. IEEE J. Sel. Areas Commun. 16(4), 452–461 (1998)
Blaze, M.: Protocol Failure in the Escrowed Encryption Standard. August 20 (1994). http://www.mattblaze.org/papers/eesproto.pdf
Deputy Attorney General Rod J. Rosenstein Delivers Remarks on Encryption at the United States Naval Academy. Annapolis, MD, October 10 (2017). https://www.justice.gov/opa/speech/deputy-attorney-general-rod-j-rosenstein-delivers-remarks-encryption-united-states-naval
Levy, I., Robinson, C.: Principles for a more informed exceptional access debate. Lawfare, November 29 (2018). https://www.lawfareblog.com/principles-more-informed-exceptional-access-debate
Thompson, K.: Reflections on Trusting Trust. Commun. ACM 27(8), 761–763 (1984)
Filiol, E.: Dynamic Cryptographic Trapdoors. CanSecWest 2011, Vancouver, February 9–11 (2011)
FBI 'planted backdoor' in OpenBSD. The Register, December 15 (2010). https://www.theregister.com/2010/12/15/openbsd_backdoor_claim
FBI accused of planting backdoor in OpenBSD IPSEC stack. Ars Technica, December 15 (2010). https://arstechnica.com/information-technology/2010/12/fbi-accused-of-planting-backdoor-in-openbsd-ipsec-stack
Bernstein, D.J., Lange, T., Niederhagen, R.: Dual EC: A Standardized Back Door. In: Lecture Notes in Computer Science, vol. 9100, pp. 256–281. Springer
Adrian, D., Bhargavan, K., Durumeric, Z., Gaudry, P., Green, M., Halderman, J.A., Heninger, N., Springall, D., Thomé, E., Valenta, L., VanderSloot, B., Wustrow, E., Zanella-Béguelin, S., Zimmermann, P.: Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice. In: 22nd ACM Conference on Computer and Communications Security (CCS '15), Denver, CO, October (2015)
Schneier, B.: Evaluating the GCHQ Exceptional Access Proposal. Lawfare, January 17 (2019). https://www.lawfareblog.com/evaluating-gchq-exceptional-access-proposal
Callas, J.: Adding a Ghost User to Our Encrypted Communications Is No 'Crocodile Chip'. ACLU, July 23 (2019). https://www.aclu.org/blog/privacy-technology/adding-ghost-user-our-encrypted-communications-no-crocodile-chip
Barker, E., Kelsey, J.: Recommendation for Random Number Generation Using Deterministic Random Bit Generators. NIST Special Publication 800-90, June (2006). https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-90.pdf
Johnson, D.B.: Number Theoretic DRBGs. NIST RNG Workshop, July 20 (2004). https://cryptome.org/2013/12/NumberTheoreticDRBG.pdf
Shumow, D., Ferguson, N.: On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng. CRYPTO 2007 Rump Session, August (2007). http://rump2007.cr.yp.to/15-shumow.pdf
Schneier, B.: Did NSA Put a Secret Backdoor in New Encryption Standard? Wired (2007). https://www.wired.com/2007/11/securitymatters-1115/
Menn, J.: Exclusive: Secret contract tied NSA and security industry pioneer. Reuters, December 21 (2013). https://www.reuters.com/article/us-usa-security-rsa/exclusive-secret-contract-tied-nsa-and-security-industry-pioneer-idUSBRE9BJ1C220131220
Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
Young, A., Yung, M.: The Dark Side of Black-Box Cryptography. In: CRYPTO '96, Lecture Notes in Computer Science, vol. 1109, pp. 89–103. Springer (1997)
Anderson, R.: A practical RSA trapdoor. Electron. Lett. 29(11), 995 (1993)
Nemec, M., Sys, M., Švenda, P., Klinec, D., Matyáš, V.: The Return of Coppersmith's Attack: Practical Factorization of Widely Used RSA Moduli. In: CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1631–1648 (2017)
Kaliski, B.S.: Anderson's RSA trapdoor can be broken. Electron. Lett. 29(15), 1387 (1993)
Buchmann, J., Jacobson, M.J., Teske, E.: On some computational problems in finite abelian groups. Math. Comput. 66, 1663–1687 (1997)
Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)
Švenda, P., Nemec, M., Sekan, P., Kvašňovský, R., Formánek, D., Komárek, D., Matyáš, V.: The Million-Key Question: Investigating the Origins of RSA Public Keys. In: 25th USENIX Security Symposium (USENIX Security '16), pp. 893–910. USENIX (2016)
Markelova, A.V.: Vulnerability of RSA algorithm. In: CEUR Workshop Proceedings, vol. 2081 (Selected Papers of the VIII All-Russian Scientific and Technical Conference on Secure Information Technologies, BIT 2017), pp. 74–78 (2017)
Coppersmith, D.: Finding a Small Root of a Univariate Modular Equation. In: Advances in Cryptology: EUROCRYPT '96, Lecture Notes in Computer Science, vol. 1070, pp. 155–165. Springer, Berlin (1996)
Howgrave-Graham, N.: Finding small roots of univariate modular equations revisited. In: Proceedings of the 6th IMA International Conference on Cryptography and Coding, pp. 131–142. Springer (1997)
Linnik, Yu.V.: On the least prime in an arithmetic progression. I. The basic theorem. Rec. Math. (Mat. Sbornik) N.S. 15(57), 139–178 (1944)
Markelova, A., Grushin, V.: Smart-card means of cryptographic protection of information from the standpoint of new Russian requirements for certification. Prob. Comp. Bez. Comp. Syst. 4, 85–92 (2014)
