140 Factored TTTTTTTTTTTTT 197419761978198019821984198619881990199219941996 IGURE 97.6 Factoring history. Because of the importance of factoring to RSA security, factoring methodology and mplishments are of considerable interest. Techniques for factoring"hard"numbers were available for only up to about digits in about a days computing time until 1983, when a match between mathematical development(the quadratic sieve)and computer vector processing capabilities contributed to factoring up to 58-digit numbers in equivalent time. The next year, a 69-digit number was factored in about 32 hours on a Cray 1S. A few months later, a 71-digit number was factored in less than 10 hours on a Cray XMP. By the end of the decade, collections of small computers had been coupled in a worldwide effort to demonstrate that numbers of more than 100(116 in 1991)digits could be cost-effectively factored. This explosive trend, although not expected to continue because of current mathematical limitations(at present many orders of magnitude more computation time is needed than would threaten 300-digit numbers), demonstrates the importance factoring prognosis in forecasting the long-term security of RSA TABLE 97.1 An Access matrix Subjects/Objects Own, write, read Own, read, execute Own, read, delete Read, write, execute Read Read Write Read Read information deduction such as inference and aggregation. Integrity protection mechanisms include field checks, hange logs, two-phase updates, error protection codes, range comparisons, and query controllers Pfleeger 1989]. Secrecy depends on access control (e.g, file passwords), query controllers, and encryption. Processing restrictions can, in addition to those implied by memory, file, and database controls, limit the ability of users to, for example, try multiple passwords or multiple user IDs; make financial transactions; change security parameters; move, rename, or output information; and deliver covert channel information(signaling ystematically using authorized actions to codify unauthorized data delivery) Software development and maintenance controls include standards under which programs(including secu- rity features)are designed to meet requirements, coded in structured or development, tested, and maintained. Configuration or change control is als modular form, reviewed during mportant Computer auditing intended to provide computer records about user actions for routine review(a productive application for expert systems)and for detailed investigation of any incidents or suspicious circumstances. It is essential that audit records be tamper-proof. Software security features(including auditing)can be provided as part of the computer operating system or they can be added to an operating system as an add-on product. A U.S. government multilevel trusted computing base development program through NSAs National Computer Security Center(NCSC)resulted in a well known ecurity methodology and assessment scheme for these types of software(and hardware) products [DOD, 1985 A significant number of operating systems and software security packages have been evaluated and given c 2000 by CRC Press LLC© 2000 by CRC Press LLC information deduction such as inference and aggregation. Integrity protection mechanisms include field checks, change logs, two-phase updates, error protection codes, range comparisons, and query controllers [Pfleeger, 1989]. Secrecy depends on access control (e.g., file passwords), query controllers, and encryption. Processing restrictions can, in addition to those implied by memory, file, and database controls, limit the ability of users to, for example, try multiple passwords or multiple user IDs; make financial transactions; change security parameters; move, rename, or output information; and deliver covert channel information (signaling systematically using authorized actions to codify unauthorized data delivery). Software development and maintenance controls include standards under which programs (including secu￾rity features) are designed to meet requirements, coded in structured or modular form, reviewed during development, tested, and maintained. Configuration or change control is also important. Computer auditing is intended to provide computer records about user actions for routine review (a productive application for expert systems) and for detailed investigation of any incidents or suspicious circumstances. It is essential that audit records be tamper-proof. Software security features (including auditing) can be provided as part of the computer operating system or they can be added to an operating system as an add-on product. A U.S. government multilevel trusted computing base development program through NSA’s National Computer Security Center (NCSC) resulted in a well known security methodology and assessment scheme for these types of software (and hardware) products [DOD, 1985]. A significant number of operating systems and software security packages have been evaluated and given FIGURE 97.6 Factoring history. Because of the importance of factoring to RSA security, factoring methodology and accomplishments are of considerable interest. Techniques for factoring “hard” numbers were available for only up to about 50 digits in about a day’s computing time until 1983, when a match between mathematical development (the quadratic sieve) and computer vector processing capabilities contributed to factoring up to 58-digit numbers in equivalent time. The next year, a 69-digit number was factored in about 32 hours on a Cray 1S. A few months later, a 71-digit number was factored in less than 10 hours on a Cray XMP. By the end of the decade, collections of small computers had been coupled in a worldwide effort to demonstrate that numbers of more than 100 (116 in 1991) digits could be cost-effectively factored. This explosive trend, although not expected to continue because of current mathematical limitations (at present many orders of magnitude more computation time is needed than would threaten 300-digit numbers), demonstrates the importance of factoring prognosis in forecasting the long-term security of RSA. TABLE 97.1 An Access Matrix Subjects/Objects O1 O2 O3 O4 O5 S1 Own, write, read Own, read, execute Own, read, delete Read, write, execute Read S2 Read Execute Read S3 Write Read Read