Wendy Mu : 2013 Security Workshop

The security of RSA encryption relies on the hardness of factoring the public modulus n, a product of two random primes. However, many systems, such as embedded devices, will generate RSA keys on first boot, but will not have collected enough entropy to generate secure random numbers for their keys. When multiple systems do this, it is likely that their RSA moduli will share a common factor, which will allow these moduli to be easily factored. We present a practical protocol for a TLS host to obtain randomness from a randomness authority, and then to prove in zero-knowledge to a certificate authority that it actually used the secure randomness to generate its public RSA modulus.

Wendy Mu is a Masters student in Computer Science pursuing a dual concentration in Security and HCI. She is currently doing research with Prof. Dan Boneh. In the past, she has done research in performance of homomorphic encryption. She will be joining Facebook after graduation this quarter.