Cryptology ePrint Archive: Report 2001/013

Digitally Watermarking RSA Moduli

Anna M. Johnston

Abstract: The moduli used in RSA (see \cite{rsa}) can be generated by many different sources. The generator of that modulus knows its factorization. They have the ability to forge signatures or break any system based on this moduli. If a moduli and the RSA parameters associated with it were generated by a reputable source, the system would have higher value than if the parameters were generated by an unknown entity. An RSA modulus is digitally marked, or digitally trade marked, if the generator and other identifying features of the modulus can be identified and possibly verified by the modulus itself. The basic concept of digitally marking an RSA modulus would be to fix the upper bits of the modulus to this tag. Thus anyone who sees the public modulus can tell who generated the modulus and who the generator believes the intended user/owner of the modulus is.

Two types of trade marking will be described here. The first is simpler but does not give verifiable trade marking. The second is more complex, but allows for verifiable trade marking of RSA moduli.

The second part of this paper describes how to generate an RSA modulus with fixed upper bits.

Category / Keywords: public-key cryptography / RSA, number theory, key management

Date: received 19 Feb 2001

Contact author: ajohnst at sandia gov

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation

Version: 20010220:001709 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]