Skip to main content
SpringerLink
Log in

Another Look at Small RSA Exponents

  • Conference paper
Book cover Topics in Cryptology – CT-RSA 2006 (CT-RSA 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3860))

Included in the following conference series:

Abstract

In this work we consider a variant of RSA whose public and private exponents can be chosen significantly smaller than in typical RSA. In particular, we show that it is possible to have private exponents smaller than N 1/4 which are resistant to all known small private exponent attacks. This allows for instances of RSA with short CRT-exponents and short public exponents. In addition, the number of bits required to store the private key information can be significantly reduced in this variant.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Blömer, J., May, A.: Low secret exponent RSA revisited. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol. 2146, pp. 4–19. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  2. Blömer, J., May, A.: New partial key exposure attacks on RSA. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 27–43. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  3. Boneh, D., Durfee, G.: Cryptanalysis of RSA with private key d less than N 0.292. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 1–11. Springer, Heidelberg (1999)

    Google Scholar 

  4. Boneh, D., Durfee, G.: Cryptanalysis of RSA with private key d less than N 0.292. IEEE Transactions on Information Theory 46(4), 1339–1349 (2000)

    Article  MATH  MathSciNet  Google Scholar 

  5. Boneh, D., Durfee, G., Frankel, Y.: An attack on RSA given a small fraction of the private key bits. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 25–34. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  6. Boneh, D., Durfee, G., Frankel, Y.: Exposing an RSA private key given a small fraction of its bits. Revised and extended version of proceedings of ASIACRYPT 1998 [5] (2001), Available at http://crypto.stanford.edu/~dabo/abstracts

  7. Boneh, D., Shacham, H.: Fast variants of RSA. Cryptobytes 5(1), 1–9 (2002)

    Google Scholar 

  8. Coppersmith, D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. Journal of Cryptology 10(4), 233–260 (1997)

    Article  MATH  MathSciNet  Google Scholar 

  9. Coron, J.-S.: Finding small roots of bivariate integer polynomial equations revisited. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 492–505. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  10. Dujella, A.: Continued fractions and RSA with small secret exponent. Tatra Mt. Math. Publ. 29, 101–112 (2004)

    MATH  MathSciNet  Google Scholar 

  11. Ernst, M., Jochemsz, E., May, A., de Weger, B.: Partial key exposure attacks on RSA up to full size exponents. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 371–387. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  12. Galbraith, S.D., Heneghan, C., McKee, J.F.: Tunable balancing of RSA. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 280–292. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  13. Girault, M.: An identity-based identification scheme based on discrete logorithms modulo a composite number. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 481–486. Springer, Heidelberg (1991)

    Google Scholar 

  14. Howgrave-Graham, N.A.: Finding small roots of univariate modular equations revisited. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 131–142. Springer, Heidelberg (1997)

    Google Scholar 

  15. Lenstra, A.K.: Unbelievable security: Matching AES security using public key systems. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 67–86. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  16. Lim, C.H., Lee, P.J.: Security and performance of server-aided RSA computation protocols. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 70–83. Springer, Heidelberg (1995)

    Google Scholar 

  17. May, A.: Cryptanalysis of unbalanced RSA with small CRT-exponent. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 242–256. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  18. May, A.: Secret exponent attacks on RSA-type schemes with moduli N = p r q. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 218–230. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  19. McKee, J., Pinch, R.G.E.: Further attacks on server-aided RSA cryptosystems (1998), Available at http://citeseer.ist.psu.edu/388295.html

  20. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public key cryptosystems. Commun. of the ACM 21, 120–126 (1978)

    Article  MATH  MathSciNet  Google Scholar 

  21. Steinfeld, R., Contini, S., Wang, H., Pieprzyk, J.: Converse results to the Wiener attack on RSA. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 184–198. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  22. Sun, H.-M., Hinek, M.J., Wu, M.-E.: On the design of rebalanced RSA-CRT. Technical Report CACR 2005-35, Centre for Applied Cryptographic Research, University of Waterloo (2005), http://www.cacr.math.uwaterloo.ca/

  23. Sun, H.-M., Wu, M.-E.: An approach towards rebalanced RSA-CRT with short public exponent. Cryptology ePrint Archive, Report 2005/053 (2005), http://eprint.iacr.org/

  24. Sun, H.-M., Yang, C.-T.: RSA with balanced short exponents and its application to entity authentication. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 199–215. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  25. Verheul, E.R., van Tilborg, H.C.A.: Cryptanalysis of ‘less short’ RSA secret exponents. Appl. Algebra Eng. Commun. Comput. 8(5), 425–435 (1997)

    Article  MATH  Google Scholar 

  26. Wiener, M.: Cryptanalysis of short RSA secret exponents. IEEE Transactions on Information Theory 36(3), 553–558 (1990)

    Article  MATH  MathSciNet  Google Scholar 

  27. Zimmerman, P.: Integer factoring records (May 2005), http://www.loria.fr/~zimmerma/records/factor.html

Download references

Author information

Authors and Affiliations

  1. School of Computer Science, University of Waterloo, Waterloo, Ontario, N2L-3G1, Canada

    M. Jason Hinek

Authors
  1. M. Jason Hinek
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Ecole Normale Supérieure – LIENS/CNRS/INRIA, France

    David Pointcheval

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hinek, M.J. (2006). Another Look at Small RSA Exponents. In: Pointcheval, D. (eds) Topics in Cryptology – CT-RSA 2006. CT-RSA 2006. Lecture Notes in Computer Science, vol 3860. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11605805_6

Download citation

  • DOI: https://doi.org/10.1007/11605805_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-31033-4

  • Online ISBN: 978-3-540-32648-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation