Wiener, Boneh–Durfee, and May Attacks on the RSA Public Key Cryptosystem

Durfee, Glenn

doi:10.1007/0-387-23483-7_460

Wiener, Boneh–Durfee, and May Attacks on the RSA Public Key Cryptosystem

Glenn Durfee

Reference work entry

203 Accesses

These cryptanalytic results (see cryptanalysis) show that the RSA public key encryption scheme is not secure under certain conditions on the RSA parameters.

To use RSA one first chooses two large prime numbers p and q. The public modulus is N = pq, and p and q are kept secret (see modular arithmetic). A public exponent e and a secret (private) exponent d are chosen satisfying the RSA equation ed = 1 mod(N − p − q + 1). Typically, the secret exponent d is of approximately the same bit-length as the public modulus N, the public exponent e has a bit-length no greater than the bit-length of N, and the primes p and q are approximately the same bit-length. Because RSA decryption and signature generation depend on the length of the secret exponent d, it is tempting to use a short d to speed up these operations. However, in 1990, Wiener [1 showed that if the length of d is less than one-quarter of the length of N, then there is an efficient attack which computes the secret exponent dfrom the...

This is a preview of subscription content, log in via an institution.

References

Wiener, M. (1990). “Cryptanalysis of short RSA secret exponents.” IEEE Transactions on Information Theory, 36 (3), 553–558.
Article MATH MathSciNet Google Scholar
Coppersmith, D. (2001). “Finding small solutions to small degee polynomials.” Proceedings of Cryptography and Lattices Conference, Lecture Notes in Computer Science, vol. 2146, ed. J.H. Silverman. Springer-Verlag, Berlin.
Google Scholar
Boneh, D. and G. Durfee (2000). “Cryptanalysis of RSA with private key d less than N ^0.292.” IEEE Transactions on Information Theory, 46 (4), 1339–1349.
Article MATH MathSciNet Google Scholar
Durfee, G. and P. Nguyen (2000). “Cryptanalysis of RSA schemes with short secret exponent from Asiacrypt'99.” Proceedings of ASIACRYPT 2000, Lecture Notes in Computer Science, vol. 1976, ed. T. Okamoto. Springer-Verlag, Berlin, 14–29.
Google Scholar
May, A. (2002). “Cryptanalysis of unbalanced RSA with small CRT-exponent.” Proceedings of CRYPTO 2002, Lecture Notes in Computer Science, vol. 2442, ed. M. Yung. Springer-Verlag, Berlin, 242–256.
Google Scholar

Download references

Authors

Glenn Durfee
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Eindhoven University of Technology, Eindhoven, The Netherlands
Henk C. A. van Tilborg

Rights and permissions

Reprints and permissions

Copyright information

About this entry

Cite this entry

Durfee, G. (2005). Wiener, Boneh–Durfee, and May Attacks on the RSA Public Key Cryptosystem. In: van Tilborg, H.C.A. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA . https://doi.org/10.1007/0-387-23483-7_460

Download citation

DOI: https://doi.org/10.1007/0-387-23483-7_460
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-23473-1
Online ISBN: 978-0-387-23483-0
eBook Packages: Computer ScienceReference Module Computer Science and Engineering

Publish with us

Policies and ethics