کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
428846 686943 2015 5 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
Cryptanalysis of RSA with a small parameter revisited
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر نظریه محاسباتی و ریاضیات
پیش نمایش صفحه اول مقاله
Cryptanalysis of RSA with a small parameter revisited
چکیده انگلیسی


• In short exponent RSA, decrypt and encrypt exponents are both short, then k is the smallest parameter. In this paper, we investigate a birthday attack to recover k, then factor RSA modulus N. This work improves the research of Meng and Zheng at ACISP 2012.
• Our result again shows that if there is a small parameter (other than d) in RSA equation, the RSA scheme may become vulnerable. Our algorithm is based on baby-step giant-step method. We also give a detail explanation on how the baby-step giant-step method works.

Let N=pqN=pq be an RSA modulus with balanced primes p and q. Suppose that the public exponent e and private exponent d   satisfy ed−1=kϕ(N)ed−1=kϕ(N). We revisit the birthday attack against short exponent RSA proposed by Meng and Zheng at ACISP 2012. We show that if e>k(p+q), then N   can be factored in both time and space complexity of O˜(k). This improves the former result. We also give a detail explanation on how the baby-step giant-step method works.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Information Processing Letters - Volume 115, Issue 11, November 2015, Pages 858–862
نویسندگان
, ,