Cryptanalysis of Prime Power RSA with two private exponents
نویسندگان
چکیده
منابع مشابه
Cryptanalysis of short RSA secret exponents
A cryptanalytic attack on the use of short RSA secret exponents is described. This attack makes use of an algorithm based on continued fractions which finds the numerator and denominator of a fraction in polynomial time when a close enough estimate of the fraction is known. The public exponent e and the modulus pq can be used to create an estimate of a fraction which involves the secret exponen...
متن کاملRevisiting Prime Power RSA
Recently Sarkar (DCC 2014) has proposed a new attack on small decryption exponent when RSA Modulus is of the form N = pq for r ≥ 2. This variant is known as Prime Power RSA. The work of Sarkar improves the result of May (PKC 2004) when r ≤ 5. In this paper, we improve the existing results for r = 3, 4. We also study partial key exposure attack on Prime Power RSA. Our result improves the work of...
متن کاملCryptanalysis of RSA with Small Prime Difference using Unravelled Linearization
R. Rivest, A. Shamir and L. Adleman," A Method for Obtaining Digital Signatures and Public-Key Cryptosystems", Communications of the ACM, vol. 21, No. 2, pp. 120-126,1978. Wiener, M. : Cryptanalysis of short RSA secret exponents, IEEE Transactions on Information Theory 36, 553-558 (1990). Boneh, D. , Durfee, G. : Cryptanalysis of RSA with Private Key d Less Than N^0. 292, Advances in ...
متن کاملCryptanalysis of RSA with Small Prime Difference using Unravelled Linearization
In 2002, de Weger showed that choosing an RSA modulus with a small difference of primes improves the attack given by Boneh-Durfee. For this attack, de Weger used the complicated geometrical progressive matrices, introduced by BonehDurfee. In this paper, we analyzed by using another technique called unravelled linearization.
متن کاملCryptanalysis of RSA with Private Key d Less than N0.292
We show that if the private exponent d used in the RSA public-key cryptosystem is less than N then the system is insecure. This is the first improvement over an old result of Wiener showing that when d < N the RSA system is insecure. We hope our approach can be used to eventually improve the bound to d < N.
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Science China Information Sciences
سال: 2015
ISSN: 1674-733X,1869-1919
DOI: 10.1007/s11432-015-5409-4