Abstract
RSA is a well known standard algorithm used by modern computers to encrypt and decrypt messages. In some applications, to save the decryption time, it is desirable to have a short secret key d compared to the modulus N. The first significant attack that breaks RSA with short secret key given by Wiener in 1990 is based on the continued fraction technique and it works with d<1184N.25. A decade later, in 2000, Boneh and Durfee presented an improved attack based on lattice technique which works with d < N.292. Until this day, Boneh–Durfee attack remain as the best attack on RSA with short secret key. In this paper, we revisit the continued fraction technique and propose a new attack on RSA. Our main result shows that when d<t(22+8/3)N.75/e, where e is the public exponent and t is a chosen parameter, our attack can break the RSA with the running time of O(tlog (N)). Our attack is especially well suited for the case where e is much smaller than N. When e ≈ N, the Boneh–Durfee attack outperforms ours. As a result, we could simultaneously run both attacks, our new attack and the classical Boneh–Durfee attack as a backup.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.