Small solutions to polynomial equations, and low exponent RSA vulnerabilities

被引:447
|
作者
Coppersmith, D
机构
[1] IBM Research, T. J. Watson Research Center, Yorktown Heights
来源
JOURNAL OF CRYPTOLOGY | 1997年 / 10卷 / 04期
关键词
polynomial; RSA; factoring;
D O I
10.1007/s001459900030
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
We show how to find sufficiently small integer solutions to a polynomial in a single variable module N, and to a polynomial in two variables over the integers. The methods sometimes extend to more variables. As applications: RSA encryption with exponent 3 is vulnerable if the opponent knows two-thirds of the message, or if two messages agree over eight-ninths of their length; and we can find the factors of N = P Q if we are given the high order 1/4 log(2) N bits of P.
引用
收藏
页码:233 / 260
页数:28
相关论文
共 17 条
  • [1] Generalized cryptanalysis of RSA with small public exponent
    Zheng, Mengce
    Hu, Honggang
    Wang, Zilong
    SCIENCE CHINA-INFORMATION SCIENCES, 2016, 59 (03)
  • [2] Generalized cryptanalysis of RSA with small public exponent
    Mengce ZHENG
    Honggang HU
    Zilong WANG
    ScienceChina(InformationSciences), 2016, 59 (03) : 97 - 106
  • [3] Using RSA with low exponent in a public network
    Lee, WB
    Chang, CC
    COMPUTER COMMUNICATIONS, 1998, 21 (03) : 284 - 286
  • [4] An Application of Low Private Exponent Attack on RSA
    Zheng, Yong-Hui
    Zhu, Yue-Fei
    Xu, Hong
    ICCSSE 2009: PROCEEDINGS OF 2009 4TH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE & EDUCATION, 2009, : 1864 - 1866
  • [5] An Improved Power Attack on Small RSA Public Exponent
    Zhao, Bing
    Wang, Lihui
    Jiang, Kun
    Liang, Xiaobing
    Shan, Weijun
    Liu, Jing
    PROCEEDINGS OF 2016 12TH INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE AND SECURITY (CIS), 2016, : 578 - 581
  • [6] A Unified Framework for Small Secret Exponent Attack on RSA
    Kunihiro, Noboru
    Shinohara, Naoyuki
    Izu, Tetsuya
    IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, 2014, E97A (06) : 1285 - 1295
  • [7] Cryptanalysis of unbalanced RSA with small CRT-exponent
    May, A
    ADVANCES IN CRYPTOLOGY - CRYPTO 2002, PROCEEDINGS, 2002, 2442 : 242 - 256
  • [8] Remarks on using RSA with low exponent in a public network
    He, WH
    Wu, TC
    Lin, CY
    JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, 2002, 18 (02) : 341 - 344
  • [9] LOW EXPONENT ATTACK AGAINST ELLIPTIC CURVE RSA
    KUROSAWA, K
    OKADA, K
    TSUJII, S
    INFORMATION PROCESSING LETTERS, 1995, 53 (02) : 77 - 83
  • [10] Maximizing Small Root Bounds by Linearization and Applications to Small Secret Exponent RSA
    Herrmann, Mathias
    May, Alexander
    PUBLIC KEY CRYPTOGRAPHY - PKC 2010, PROCEEDINGS, 2010, 6056 : 53 - 69
12