On an attack on RSA with small CRT-exponents

被引:0
作者
LiDong Han
XiaoYun Wang
GuangWu Xu
机构
[1] Shandong University,Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education
[2] Shandong University,School of Mathematics
[3] Tsinghua University,Institute for Advanced Study
[4] University of Wisconsin-Milwaukee,Department of Electrical Engineering and Computer Science
来源
Science China Information Sciences | 2010年 / 53卷
关键词
RSA; CRT; cryptanalysis; continued fraction; lattice reduction;
D O I
暂无
中图分类号
学科分类号
摘要
This paper concerns the RSA system with private CRT-exponents. Since Chinese remainder representation provides efficiency in computation, such system is of some practical significance. In this paper, an existing attack to small private CRT-exponents is analyzed. It is indicated that this attack makes nice use of lattice in RSA analysis, but some argument does not hold in general. Several counterexamples are constructed. Refinements and more precise statements of the attack are given.
引用
收藏
页码:1511 / 1518
页数:7
相关论文
共 12 条
[1]  
Rivest R.(1978)A method for obtaining digital signatures and public-key cryptosystems Commun ACM 21 120-126
[2]  
Shamir A.(1982)Factoring polynomial with rational coefficients Math Ann 261 515-534
[3]  
Adleman L.(1997)Small solutions to polynomial equations, and low exponent RSA vulnerabilities J Crypto 10 233-260
[4]  
Lenstra A. K.(1990)Cryptanalysis of short RSA secret exponents IEEE Trans Inf Theory 36 553-558
[5]  
Lenstra H. W.(2000)Cryptanalysis of RSA with private key IEEE Trans Inf Theory 46 1339-1349
[6]  
Lovász L.(1982) less than Electr Lett 18 905-907
[7]  
Coppersmith D.(undefined)Fast decipherment algorithm for RSA public-key cryptosystem undefined undefined undefined-undefined
[8]  
Wiener M.(undefined)undefined undefined undefined undefined-undefined
[9]  
Boneh D.(undefined)undefined undefined undefined undefined-undefined
[10]  
Durfee G.(undefined)undefined undefined undefined undefined-undefined
12