Abstract
This paper presents three new attacks on the RSA cryptosystem. The first two attacks work when k RSA public keys (N i ,e i ) are such that there exist k relations of the shape e i x − y i φ(N i ) = z i or of the shape e i x i − yφ(N i ) = z i where N i = p i q i , φ(N i ) = (p i − 1)(q i − 1) and the parameters x, x i , y, y i , z i are suitably small in terms of the prime factors of the moduli. We show that our attacks enable us to simultaneously factor the k RSA moduli N i . The third attack works when the prime factors p and q of the modulus N = pq share an amount of their least significant bits (LSBs) in the presence of two decryption exponents d 1 and d 2 sharing an amount of their most significant bits (MSBs). The three attacks improve the bounds of some former attacks that make RSA insecure.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
