Generalization of Boneh- Durfee’s attack for Arbitrary Public Exponent RSA
نویسندگان
چکیده
Cohen, H. 1995. A Course in Computational Algebraic Number Theory. Springer-Verlag. Second edition. Menezes, A. J, Van Oorschot P. C, and Vanstone. 1997. Hand book of Applied Cryptography. CRC Press. Lenstra A. K, Lenstra Jr. H. W, Lovasz L. 1982. "Factoring polynomials with rational coefficients". Mathematische A1nnalen, volume 261(4): pages 515-534. Rivest R. L, Shamir A, Adleman L. 1978. "A method for obtaining digital
منابع مشابه
A New Method of Constructing a Lattice Basis and Its Applications to Cryptanalyse Short Exponent RSA
We provide a new method of constructing an optimal lattice. Applying our method to the cryptanalysis of the short exponent RSA, we obtain our results which extend Boneh and Durfee’s work. Our attack methods are based on a generalization to multivariate modular polynomial equation. The results illustrate the fact that one should be careful when using RSA key generation process with special param...
متن کاملA new attack on RSA with a composed decryption exponent
In this paper, we consider an RSA modulus N = pq, where the prime factors p, q are of the same size. We present an attack on RSA when the decryption exponent d is in the form d = Md1 + d0 where M is a given positive integer and d1 and d0 are two suitably small unknown integers. In 1999, Boneh and Durfee presented an attack on RSA when d < N. When d = Md1 + d0, our attack enables one to overcome...
متن کاملA Unified Framework for Small Secret Exponent Attack on RSA
We address a lattice based method on small secret exponent attack on RSA scheme. Boneh and Durfee reduced the attack into finding small roots of a bivariate modular equation: x(N+1+y)+1 ≡ 0( mod e), where N is an RSA moduli and e is the RSA public key. Boneh and Durfee proposed a lattice based algorithm for solving the problem. When the secret exponent d is less than N, their method breaks RSA ...
متن کاملSmall Private Exponent Partial Key-Exposure Attacks on Multiprime RSA
Given knowledge of one or more of the primes in a multiprime RSA modulus we show that the private exponent can be recovered provided it is sufficiently small. In particular, we present a simple and efficient method that given v of the u primes dividing the modulus N recovers any private exponent d satisfying d < Nv/u− . When only one prime is known, this bound can be increased to approximately ...
متن کاملCryptanalysis of the RSA Schemes with Short Secret Exponent from Asiacrypt '99
At Asiacrypt ’99, Sun, Yang and Laih proposed three RSA variants with short secret exponent that resisted all known attacks, including the recent Boneh-Durfee attack from Eurocrypt ’99 that improved Wiener’s attack on RSA with short secret exponent. The resistance comes from the use of unbalanced primes p and q. In this paper, we extend the Boneh-Durfee attack to break two out of the three prop...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2012