A New Attack on Three Variants of the RSA Cryptosystem

Abstract

In 1995, Kuwakado, Koyama and Tsuruoka presented a new RSA-type scheme based on singular cubic curves $$y^2\equiv x^3+bx^2\pmod N$$ where $$N=pq$$ is an RSA modulus. Then, in 2002, Elkamchouchi, Elshenawy and Shaban introduced an extension of the RSA scheme to the field of Gaussian integers using a modulus $$N=PQ$$ where P and Q are Gaussian primes such that $$p=|P|$$ and $$q=|Q|$$ are ordinary primes. Later, in 2007, Castagnos proposed a scheme over quadratic field quotients with an RSA modulus $$N=pq$$. In the three schemes, the public exponent e is an integer satisfying the key equation $$ed-k\left p^2-1\right \left q^2-1\right =1$$. In this paper, we apply the continued fraction method to launch an attack on the three schemes when the private exponent d is sufficiently small. Our attack can be considered as an extension of the famous Wiener attack on the RSA.