Abstract | ||
---|---|---|
We consider four variants of the RSA cryptosystem with an RSA modulus N = pq where the public exponent e and the private exponent d satisfy an equation of the form ed - k (p(2) - 1) (q(2) - 1) = 1. We show that, if the prime numbers p and q share most significant bits, that is, if the prime difference vertical bar p-q vertical bar is sufficiently small, then one can solve the equation for larger values of d, and factor the RSA modulus, which makes the systems insecure. |
Year | DOI | Venue |
---|---|---|
2021 | 10.1007/978-3-030-91356-4_3 | INFORMATION SECURITY (ISC 2021) |
Keywords | DocType | Volume |
RSA variants, Continued fractions, Coppersmith's method, Lattice reduction | Conference | 13118 |
ISSN | Citations | PageRank |
0302-9743 | 0 | 0.34 |
References | Authors | |
0 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Meryem Cherkaoui Semmouni | 1 | 0 | 0.34 |
Abderrahmane Nitaj | 2 | 72 | 15.00 |
Willy Susilo | 3 | 4823 | 353.18 |
Dongvu Tonien | 4 | 84 | 9.91 |