Abstract

Let (N,e) be a public key of the RSA cryptosystem, and d be the corresponding private key. In practice, we usually choose a small e for quick encryption. In this paper, we improve partial private key exposure attacks against RSA with a small public exponent e. The key idea is that under such a setting we can usually obtain more information about the prime factor of N and then by solving a univariate modular polynomial with Coppersmith's method, N can be factored in polynomial time. Compared to previous results, we reduce the number of d's leaked bits needed to mount the attack by log_2 (e) bits. Furthermore, our experiments show that for 1024-bit N, our attack can achieve the theoretical bound on a personal computer, which verified our attack.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
A Third is All You Need: Extended Partial Key Exposure Attack on CRT-RSA with Additive Exponent Blinding
Yuanyuan Zhou ... François-Xavier Standaert
-
Yuanyuan Zhou, et. al.Yuanyuan Zhou ... François-Xavier Standaert
01 Jan 2021
New Results for Partial Key Exposure on RSA with Exponent Blinding
Stelvio Cimato ... Ruggero Susella
-
Stelvio Cimato, et. al.Stelvio Cimato ... Ruggero Susella
01 Jan 2015
Partial Key Exposure Attacks on Unbalanced RSA with the CRT
H J Lee
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences | VOL. E89-A
H J LeeH J Lee
01 Feb 2006
Partial Key Exposure Attacks on BIKE, Rainbow and NTRU
Andre Esser ... Weiqiang Wen
-
Andre Esser, et. al.Andre Esser ... Weiqiang Wen
01 Jan 2021
View more papers

More From: IACR Communications in Cryptology

Paper Title
Journal
Date
Author
A Note on Related-Tweakey Impossible Differential Attacks
Xavier Bonnetain ... Virginie Lallemand
IACR Communications in Cryptology | VOL. -
Xavier Bonnetain, et. al.Xavier Bonnetain ... Virginie Lallemand
07 Oct 2024
An analysis of the Crossbred Algorithm for the MQ Problem
Damien Vidal ... Sorina Ionica
IACR Communications in Cryptology | VOL. -
Damien Vidal, et. al.Damien Vidal ... Sorina Ionica
07 Oct 2024
Tweakable ForkCipher from Ideal Block Cipher
Sougata Mandal
IACR Communications in Cryptology | VOL. -
Sougata MandalSougata Mandal
07 Oct 2024
Special Soundness Revisited
Douglas Wikström
IACR Communications in Cryptology | VOL. -
Douglas WikströmDouglas Wikström
07 Oct 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.