Abstract

The RSA system is based on the hardness of the integer factorization problem (IFP). Given an RSA modulus N = pq, it is difficult to determine the prime factors p and q efficiently. One of the most famous short exponent attacks on RSA is the Wiener attack. In 1997, Verheul and van Tilborg used an exhaustive search to extend the boundary of the Wiener attack. Their result shows that the cost of exhaustive search is 2r + 8 bits when extending Wiener's boundary by r bits. In this paper, we first reduce the cost of exhaustive search from 2r + 8 bits to 2r + 2 bits. Then, we propose a method named EPF. With EPF, the cost of exhaustive search is further reduced to 2r − 6 bits when we extend Wiener's boundary by r bits. This means that our result is $2^{14}$ times faster than Verheul and van Tilborg's result. In addition, the security boundary is extended by 7 bits.

Highlights

  • During the past 30 years, RSA [1] has been one of the most popular public-key cryptosystems worldwide

  • (1) We first reduce the cost of exhaustive search from 2r + 8 bits (Verheul and van Tilborg’s result) to 2r + 2 bits when we extend Wiener’s boundary r bits

  • We can reduce the cost of exhaustive search from 2r + 8 bits (Verheul and van Tilborg’s extension) to 2r + 2 bits when we extend Wiener’s boundary r bits

Summary

Introduction

During the past 30 years, RSA [1] has been one of the most popular public-key cryptosystems worldwide. In 1997, Verheul and van Tilborg [20] used an exhaustive search to further extend the boundary of the Wiener attack. Assume that an exhaustive search for 64 bits is feasible in terms of current computational abilities; solving r for the equation “2r + 8 = 64” yields r = 28, which implies that the boundary of the Wiener attack should be raised up to $N^{1/4} \cdot 2^{28}$.
