Cryptanalysis of Dual CRT-RSA

نویسندگان

  • Santanu Sarkar
  • Subhamoy Maitra
چکیده

Several schemes under the framework of Dual RSA have been proposed by Sun et al (IEEE-IT, August 2007). We here concentrate on the Dual CRT-RSA scheme and present certain range of parameters for which this is insecure. As a corollary of our work, we prove that the Dual Generalized Rebalanced-RSA (Scheme III of Sun et al) can be efficiently broken for a significant region where the scheme has been claimed to be secure.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

RSA with Chinese Reminder Theorem Immune to Fault Cryptanalysis

This article examines the problem of fast RSA encryption with Chinese Reminder Theorem (CRT) immune against hardware fault cryptanalysis. This type of RSA scheme has been widely adopted as a standard implementation in many applications ranging from large servers to tiny smart cards. However, single error in this scheme can totally break the whole RSA scheme by factoring public modulus. It will ...

متن کامل

A New Attack on RSA and CRT-RSA

In RSA, the public modulus N = pq is the product of two primes of the same bit-size, the public exponent e and the private exponent d satisfy ed ≡ 1 (mod (p−1)(q−1)). In many applications of RSA, d is chosen to be small. This was cryptanalyzed by Wiener in 1990 who showed that RSA is insecure if d < N. As an alternative, Quisquater and Couvreur proposed the CRT-RSA scheme in the decryption phas...

متن کامل

RSA Speedup with Chinese Remainder Theorem Immune against Hardware Fault Cryptanalysis

This article considers the problem of how to prevent the fast RSA signature and decryption computation with residue number system (or called the CRT-based approach) speedup from a hardware fault cryptanalysis in a highly reliable and efficient approach. The CRT-based speedup for RSA signature has been widely adopted as an implementation standard ranging from large servers to very tiny smart IC ...

متن کامل

Side Channel Attack to Actual Cryptanalysis: Breaking CRT-RSA with Low Weight Decryption Exponents

Towards the cold boot attack (a kind of side channel attack), the problems of reconstructing RSA parameters when (i) certain bits are unknown (Heninger and Shacham, Crypto 2009) and (ii) the bits are available but with some error probability (Henecka, May and Meurer, Crypto 2010) have been considered very recently. In this paper we exploit the error correction heuristic proposed by Henecka et a...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:
  • IACR Cryptology ePrint Archive

دوره 2010  شماره 

صفحات  -

تاریخ انتشار 2010