Recently, and contrary to the common belief, Rivest and Silverman argued that the use of strong primes is unnecessary in the RSA cryptosystem. This paper analyzes how valid this assertion is for RSA-type cryptosystems over elliptic curves. The analysis is more diicult because the underlying groups are not always cyclic. Previous papers suggested the use of strong primes in order to prevent fact...

Indices of physiological regulation (i.e., resting respiratory sinus arrhythmia [RSA] and RSA suppression) and observed fearfulness were tested as predictors of empathy-related reactions to an unfamiliar person's simulated distress within and across 18 (T1, N = 247) and 30 (T2, N = 216) months of age. Controlling for T1 helping, high RSA suppression and low fearfulness at T1 predicted T2 helpin...

In this paper, we prove the security of the RSA-AKE protocol [9] in the random oracle model. The proof states that the RSA-AKE protocol is secure against an adversary who gets the client’s stored secret or the server’s RSA private key. To our best knowledge, the RSA-AKE protocol is the most efficient among their kinds (i.e., RSA and password based AKE protocols). The other security properties a...

We define an isomorphism between the group of points of a conic and the set of integers modulo a prime equipped with a non-standard product. This product can be efficiently evaluated through the use of Rédei rational functions. We then exploit the isomorphism to construct a novel RSA-like scheme. We compare our scheme with classic RSA and with RSA-like schemes based on the cubic or conic equati...

LSBS-RSA is a variation of RSA cryptosystem with modulus primes p, q, sharing a large number of least significant bits. As original RSA, LSBS-RSA is also vulnerable to the short secret exponent attack. Sun et al. [15] studied this problem and they provided the bound for secret exponent as: 2 2 5 4 3 1 6 1 3 6 3 2 2 6 γ β α α γ α − < + − + − −       . Their bound does not reduce to the opt...

Two types of attacking the RSA cryptosystem are discussed. The rst aims at a careless choice of the primes p and q, which are the basis of RSA security. Choosing these primes carefully can prevent the cryptosystem from this type of attack. The second aims at special instances of RSA-based cryptographical protocols. Speciic properties of these protocols enable users of the system or even outside...

The last few months, several new results appeared about the OAEP construction , and namely the RSA{OAEP cryptosystem. Whereas OAEP was believed to provide the highest security level (IND-CCA2), with an eecient exact security level, the eeective security result had been showed to be incomplete. Nevertheless, the particular instantiation with RSA (which is anyway almost the sole application) had ...

This paper reviews and generalizes a method to generate RSAmoduli with a predetermined portion. The potential advantages of the resultingmethods are discussed: both the storage and the computational requirements ofthe RSA cryptosystem can be considerably reduced. The constructions are as ef-ficient as generation of regular RSA moduli, and the resulting moduli do notseem to o...

Mobile Ad hoc Network (MANET) is a wireless technology for mobile nodes. This network is setup on fly without any infrastructure. The mobility nature of this network and the lack of infrastructure make it very challenging to be secured. In this paper, we introduce a formal model for Identity-based RSA (Id-RSA) scheme proven secure in the random oracle model. The proposed scheme relies on establ...

Firstly, we demonstrate a pathological hash function choice that makes RSA-OAEP insecure. This shows that at least some security property is necessary for the hash functions used in RSAOAEP. Nevertheless, we conjecture that only some very minimal security properties of the hash functions are actually necessary for the security of RSA-OAEP. Secondly, we consider certain types of reductions that ...