cracking_rsa_fit2010

8/7/2019 Cracking_RSA_FIT2010

http://slidepdf.com/reader/full/crackingrsafit2010 1/35

High Performance Linux Clusters

For Breaking RSA

Associate Professor National University of Sciences & TechnologyPakistan Navy Engineering CollegeKarachi, Pakistan

PresidentIbn Khaldun SystemsKarachi, Pakistanhttp://www.ibnkhaldun.com.pk

Dr. Athar Mahboob



2

The Problem● Factor a composite number n into its prime factors –

according to the Fundamental Theorem of Arithmetic

● Requires computational Scalability as n becomes large● Factoring thought to be a simple problem – ignored for

centuries● Easy to verify an answer ● With the advent of Public Key Cryptography based on

RSA – great bounty in being able to factor large integers

n = ∏ pie i e i

∈ℤ

p i∈ P



3

Notices of the AMS, December

1996



4

The Problem is Relevant

http://www.h-online.com/security/news/item/768-bit-RSA-cracked-898986.html



5

Motivation and Credits● Learn about Integer factorization problem● Learn about Linux clustering techniques and solutions● In addition to all the software packages which are mentioned in

this presentation some of the results presented are from jointwork with Dr. Junaid Ahmed Zubairi and Dr. Nassar Ikrampublished as Book chapter:

Athar Mahboob, Junaid Zubairi and Nassar Ikram, BookChapter “High Performance Linux Clusters For Breaking RSA”in Bantham USA, eBook on Applications of Modern HighPerformance Networks, eISBN: 978-1-60805-077-2, 2009.



6

The RSA Public Key

CryptosystemKey Generation

Select p , q p and q both primeCalculate n n = p × qSelect integer d gcd ( (n), d ) = 1; 1 < d < (n )

Calculate e e = d -1 mod (n )Public Key KU = { e , n}Private Key KR = { d , n}

Encryption

Plaintext: M < nCiphertext: C = M e (mod n )

Decryption

Ciphertext: CPlaintext: M = C d (mod n )



7

Clusters● An interconnection of

computer nodes andsuitable software to make

it behave/appear like onecomputer ● Two principal drivers:

– Business driver –availability

– Research and scientificdriver – scalability

Software

Hardware

Cluster Node

Network Interface

System Bus

CPU

Memory

Operating System

System Libraries

Cluster Middleware

End User Processes



8

High Availability Clusters

PrimaryLVS

Director Server 2

Server 1

Server 3

Server n

.

.

.

Client 2

Client 1

Client 3

Client n

.

.

.

BackupLVS

Director

High SpeedCluster

Interconnect

SharedStorage

Consistent view of Application State

ClientAccessNetwork

Cluster VirtualIP Address(es)

Heartbeat

Typical Use Cases:● Enterprise Information Services (Email,Database) – high availability● Web Application Server Farms – highavailability with load balancing

Examples:● Linux HA (Hearbeat + LVS)● Oracle Clusterware● Redhat Cluster Suite



9

HPC Clusters

● Computational scalability● For scientific problem solving●

Two approaches: – MPI: Message Passing API for cooperating

processes running across multiple nodes – SSI: Single Server Image, a distributed

operating system approach



10

Single Server Image Clusters

● Create the illusion of one big SMP machine● With a single process space: ps, top●

Makes clustering transparent to processes – no need of MPI● Still need a multi-programmed application●

Many attempts in Linux: – Mosix (and then openMosix and then nothing) – OpenSSI (big bang and then nothing) – Kerrighed (the slow and steady SSI turtle!)



11

Linux, Open Source and SomeMisconceptions

● Business model is based onservices alone:

– Implementation – Customizations – Training – Documentation – Support

● A fair and consumer friendly

business model for softwarebecause: – Software is incrementally

developed

– Software is infinitely replicable

● Open source is freesoftware !

● Software is free, peopleare not !

● Free as in “freedom” notnecessarily as in “freebeer”

● Open source is a viablebusiness model

● Open source is a better software engineeringmethodology



12

Linux and Open Source - SomeDisruptions

● Oracle banking on Linux as the OS to runOracle (Oracle Enterprise Linux, OCFS, Isthe Sun setting on Solaris?)

● Open Source ERP (Adempiere)● Open Source in Health Informatics (VA

Vista)● Google Android uses Linux as OS● Most toolchain vendors are moving to

Eclipse as the IDE



13

Top500 HPC Clusters✔ Linux has been gaining ground in HPC space✔ Linux is the dominant UNIX which will survive✔ Linux is the universal operating system✔ From cell phones to super computers Linux is portable

Data from http://www.top500.org



14

The Kerrighed and Linux Kernel

● Kerrighed 2.4 based on Linux 2.6.20 kernel● Uses configfs pseudo filesystem for cluster

configuration, especially scheduler policy● Supports NFSROOT based root filesystem

for cluster nodes● The project has existed for more than a

decade● The project is active● Well documented



15

Kerrighed Features●

Global Process Management – Cluster wide PIDs – Process migration with open

files, pipes, sockets,shared memory segments,etc.

– Mosix-like global processscheduler.

– Full cluster wide UNIXprocess managementinterface (ps, top, kill, etc).

– Customizable distributedscheduler

● Global Memory Management

– Support for distributed system Vmemory segments.

– Memory injection(EXPERIMENTAL)

●

Checkpoint / restart – Checkpoint/restart of single

processes

– Checkpoint/restart of applications(EXPERIMENTAL)

●

Architecture – Support of SMP / multi-cores

machines

– Support for x86-64 architecture(i386 / x86-32 / IA32 is notsupported anymore).



17

The Cluster Interconnect

Data from http://www.top500.org

✔ Plays a significant role in cluster performance✔ Significance depends on the nature of cooperating processes✔ Gigabit Ethernet gaining ground as an off-the-shelf interconnect✔ Gigabit Ethernet performs well most of the time



18

The Clustering Recipe● Build a “root filesystem” for

cluster nodes: debootstrap● Setup Network Booting:

DHCP, TFTP, NFS, NTP● Build Kerrighed Linux

Kernel●

Build factoring softwaretoolkit● Boot and enjoy

Cluster Boot Server

Linux Operating System

DHCP Server

TFTP Server

NFS Server

NTP Server

DNS Server

Root filesystem and Kernel for Cluster Nodes



19

Network Booting Cluster Nodes

Cluster NodeWith System

BIOS Capableof PXE Boot

Cluster BootServer

1. DHCP Request by PXE Boot Firmware

2. DHCP Response containing IP Address,Boot Server and Bootfile Name

3. TFTP Request by PXE Boot Firmware

4. TFTP Response containing Boot Kernel

5. NFS Mount Request by Node

6. Root Filesystem for Node

7. NTP Time Synchronization Request

8. NTP Response

Makes it easy to add nodes to cluster Uses standard protocols andmechanisms:● PXE● DHCP● TFT● NFS● NTP

Cluster Interconnect

Node 1 Node 2 Node n...

Cluster BootServer



20

Kerrighed in Action✔

Linux Kernel building is a processing intensive task✔ Use “make -j n” to start n parallel build processes



21

Stability Issues in Kerrighed



23

Sieveing

● We sift out the possible factors from 1 to

sqrt(n).● Factors occur in pairs. You find one of the

pair, the other is trivial.

● Divide by each successive prime from 1 tosqrt(n)

A sieve, or sifter, separates wanted elements from unwanted material using a woven screen such as a mesh or net. However, in cooking, especially with flour , a sifter is used to aerate the substance, among other things. Astrainer is a type of sieve typically used to separate a solid from a liquid. The word "sift" derives from sieve.

From: http://en.wikipedia.org/wiki/Sieve

http://en.wikipedia.org/wiki/Flour

http://en.wikipedia.org/wiki/Solid

http://en.wikipedia.org/wiki/Liquid

http://en.wikipedia.org/wiki/Liquid

http://en.wikipedia.org/wiki/Solid

http://en.wikipedia.org/wiki/Flour



24

Fermat's Improvement● Factor 8051● Factor 3599● Factor 2496● Hint: It's easy to factor these numbers if you

recognize them to be a difference of two squares● a 2 – b 2 = (a – b)(a + b)● 8051 = 8100 – 49

= 90 2 – 7 2

= (90 – 7)(90+7)= 83*97



26

Time Complexity of VariousInteger Factorization Algorithms



27

Factorization Trend● Year Largest Integer that could be factored

(digits)● 1970 20● 1980 50● 1990 116● 1994 129● 1996 130● 2003 174● 2010 232



28

Parallelization and Sieving● Finding relations

– Large number of relations are needed – Finding relations is the time consuming part – It can be done in parallel

● Solving a matrix storing relations – Cannot be done in parallel – Is not the time consuming part – Can be done by a single node once sufficient number

of relations are avilable



29

Msieve on Kerrighed in Action



30

The Bounty – Factoring a 103Digit Number

279227912220351686582028455516412641158896790659830288566001946957408123456789012133589058792410781116

= 2 x 2 x 109 x 173 x 367 x 431 x 7573 x 504353 x1997715487 x 22918009218061 x133835033152975400607354515726890753138186867985471862847417

Number of Nodes

Number of CPUs

Time(seconds)

Speedup

1 1 124 1X4 8 20 6X

Performance of QS Algorithm On 4 Node (8 CPU) Cluster, Pentium 4, 2.4 GHz



31

Future Directions●

Kerrighed 3.0 – More stable, more features – Runs inside Linux Containers (light-weight

virtual machines)● Oracle Cluster File System 1.6 – for NFS

scalability and reliability during relationsaccumulation

● Python factorization script with automaticrecovery (factmsieve.py) by Brian Gladman

● Try Discrete Logarithm Problem● And Elliptic Curve Discrete Logarithm Problem



32

Kerrighed and Linux ContainersKerrighed provides SSI features using a Linux container (lxc). In a fewwords, a container is basically a light-weight virtual machine sharing itskernel with the host OS. Depending on the needs, it may share or isolatesome resources with its host, such as PIDs, IPCs, Net, file systems, etc.,and provides resource control groups (memory usage allowed, etc.).

On a Kerrighed kernel, the host system doesn't provides kerrighedfeatures. Those features are only available inside a special Linuxcontainer called Kerrighed container. A process running on the hostsystem will behave as on a non patched kernel. Processes runningin the Kerrighed container will have the ability to migrate from onenode to another, checkpoint and restart, use distant memory, etc.

By default on the Kerrighed system, the host system shares mosts of itsressources with the Kerrighed container (Network addresses, physicaldevices, filesystem, system users, etc). When the Kerrighed serviceboots the container, it additionally executes a configurable set of commands. By default, a ssh server listening on port 2222 is launched oneach node. Once connected, you are in the SSI cluster!

From http://www.kerrighed.org



33

Some Links/References

● Kerrighed: Single Server Image LinuxClusters, http://www.kerrighed.org

● MSIEVE: A Library for Factoring LargeIntegers, Jason Papadopoulos hosted atSourceforge



34

Questions



35

Thanks for your patience

cracking_rsa_fit2010

Documents