ABSTRACT
From the contagion of the world’s slow stain, he is secure, and can never mourn, a heart grown cold, a head grown grey in vain.
Percy Bysshe Shelley (1792-1822) English poet
In Exercise 3.44 on page 76, we demonstrated one glaring misuse of the RSA cipher, namely the use of a common modulus, which leads to a common modulus protocol failure.6.1 This is not a weakness of RSA, but rather an exceptionally bad implementation of the cipher. We saw in the aforementioned exercise that Eve could retrieve the plaintext without either knowledge of a decryption exponent or having to factor n. What this demonstrates is that an RSA modulus should never be used by more than one entity. It cannot be emphasized forcefully enough that true security for the RSA cryptosystem requires a secure implementation. Without this, any other measures taken, such as using a 1024-bit private key, as suggested in the discussion on page 74, will do nothing to overcome the bad implementation. However, there was one implementation attack, the discovery of which was somewhat troubling.
