Tunable Balancing of RSA

  • Conference paper
Information Security and Privacy (ACISP 2005)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 3574)

Abstract

We propose a key generation method for RSA moduli which allows the cost of the public operations (encryption/verifying) and the private operations (decryption/signing) to be balanced according to the application requirements. Our method is a generalisation of using small public exponents and small Chinese remainder (CRT) private exponents. Our results are most relevant in the case where the cost of private operations must be optimised. We give methods for which the cost of private operations is the same as the previous fastest methods, but where the public operations are significantly faster. The paper gives an analysis of the security of keys generated by our method, and a new birthday attack on low Hamming-weight private exponents.

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Galbraith, S.D., Heneghan, C., McKee, J.F. (2005). Tunable Balancing of RSA. In: Boyd, C., González Nieto, J.M. (eds) Information Security and Privacy. ACISP 2005. Lecture Notes in Computer Science, vol 3574. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506157_24

  • DOI: https://doi.org/10.1007/11506157_24

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26547-4

  • Online ISBN: 978-3-540-31684-8

  • eBook Packages: Computer Science, Computer Science (R0)
