New Jochemsz–May Cryptanalytic Bound for RSA System Utilizing Common Modulus N = p2q

Nurul Nur Hanisah Adenan,Amir Hamzah Abd Ghafar,Siti Hasana Sapar,Muhammad Rezal Kamel Ariffin,Muhammad Asyraf Asbullah

doi:10.3390/math9040340

Nurul Nur Hanisah Adenan, Amir Hamzah Abd Ghafar + Show 3 more

Open Access

https://doi.org/10.3390/math9040340

Copy DOI

Journal: Mathematics	Publication Date: Feb 8, 2021
Citations: 2	License type: CC BY 4.0

Affiliation: Universiti Putra Malaysia

Abstract

This paper describes an attack on the Rivest, Shamir and Adleman (RSA) cryptosystem utilizing the modulus N=p2q where p and q are two large balanced primes. Let e1,e2<Nγ be the integers such that d1,d2<Nδ be their multiplicative inverses. Based on the two key equations e1d1−k1ϕ(N)=1 and e2d2−k2ϕ(N)=1 where ϕ(N)=p(p−1)(q−1), our attack works when the primes share a known amount of least significant bits (LSBs) and the private exponents share an amount of most significant bits (MSBs). We apply the extended strategy of Jochemsz–May to find the small roots of an integer polynomial and show that N can be factored if δ<1110+94α−12β−12γ−130180γ+990α−180β+64. Our attack improves the bounds of some previously proposed attacks that makes the RSA variant vulnerable.

Highlights

In 1978, security in transmitting data between two parties is imperative to avert the information from being expose to an unauthorised person
Our contribution: Extending the result from [16], this paper presents an attack on the modulus N = p2q when the primes share a known amount of the least significant bits (LSBs) while d1 and d2 share an amount of their most significant bits (MSBs)
We present the theorem of an attack on modulus N = p2q which applies when the primes share a known amount of LSBs and there exists d1 and d2 that share an amount of MSBs

Summary

Introduction

In 1978, security in transmitting data between two parties is imperative to avert the information from being expose to an unauthorised person. Shamir and Adleman came out with a brilliant public key cryptosystem design. It is known as an asymmetric cryptosystem as it uses different keys for encrypting and decrypting the data. The cryptosystem is called RSA [1]. The public parameters N and e are needed where. N = pq and e is an integer that is relatively prime with φ(N) where φ(N) = (p − 1)(q − 1). The private key d is an integer satisfying ed ≡ 1 (mod φ(N))

Objectives

Methods

Conclusion