Analyzing Standards for RSA Integers
نویسندگان
چکیده
The key-generation algorithm for the RSA cryptosystem is specified in several standards, such as PKCS#1, IEEE 1363-2000, FIPS 186-3, ANSI X9.44, or ISO/IEC 18033-2. All of them substantially differ in their requirements. This indicates that for computing a “secure” RSA modulus it does not matter how exactly one generates RSA integers. In this work we show that this is indeed the case to a large extend: First, we give a theoretical framework that will enable us to easily compute the entropy of the output distribution of the considered standards and show that it is comparatively high. To do so, we compute for each standard the number of integers they define (up to an error of very small order) and discuss different methods of generating integers of a specific form. Second, we show that factoring such integers is hard, provided factoring a product of two primes of similar size is hard.
منابع مشابه
Notions for RSA integers
The key-generation algorithm for the RSA cryptosystem is specified in several standards, such as PKCS#1, IEEE 1363-2000, FIPS 186-3, ANSI X9.44, or ISO/IEC 18033-2. All of them substantially differ in their requirements. This indicates that for computing a “secure” RSA modulus it does not matter how exactly one generates RSA integers. In this work we show that this is indeed the case to a large...
متن کاملBreaking RSA May Be Easier Than Factoring
We provide evidence that breaking low-exponent rsa cannot be equivalent to factoring integers. We show that an algebraic reduction from factoring to breaking low-exponent rsa can be converted into an e cient factoring algorithm. Thus, in e ect an oracle for breaking rsa does not help in factoring integers. Our result suggests an explanation for the lack of progress in proving that breaking rsa ...
متن کاملRemoving the Strong RSA Assumption from Arguments over the Integers
Committing integers and proving relations between them is an essential ingredient in many cryptographic protocols. Among them, range proofs have shown to be fundamental. They consist in proving that a committed integer lies in a public interval, which can be seen as a particular case of the more general Diophantine relations: for the committed vector of integers x, there exists a vector of inte...
متن کاملA Comparative Study of RSA based Cryptographic Algorithms
In 1978 a powerful and practical public-key scheme Hadi Otrokwas produced by RSA; there work was applied using 2 large random odd primes p and q, each roughly of the same size. El-Kassar and Awad modi...ed the RSA public-key encryption scheme from the domain of natural integers, Z , to two principal ideal domains, namely the domain of Gaussian integers, Z [i], and the domain of the rings of pol...
متن کاملEquivalence of Counting the Number of Points on Elliptic Curve over the Ring Zn and Factoring n
1 I n t r o d u c t i o n Elliptic curves can be applied to public-key cryptosystems, and as such several schemes have been proposed [3, 4, 5, 6, 9, 11]. There are two typical elliptic curve cryptosystems: E1Gamal-type scheme [4, 11] and RSA-type schemes [3, 5, 6]. The security of the EIGamal-type elliptic curve cryptosystem is based on the difficulty of solving a discrete logarithm over ellipt...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011