Note on Fast Computation of Secret RSA Exponents

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2384))

Abstract

Today’s cryptography using RSA is faced with the problem of increased bit length and so-called fast on-card key generation, both for security reasons. These two requirements often constitute a problem on existing cards, as their arithmetic coprocessors are most often designed for a fixed bit length which is not suited to the latest security demands. While the main problem, overcoming the computational limitations of the card’s coprocessor, can in principle be solved via recent efficient algorithms, the subproblem of computing the secret RSA exponents cannot be solved satisfactorily by these algorithms. This is due to the fact that the key generation, including the secret RSA exponent, is done during the card personalization in the fab, where production times are very costly. This article proposes a very simple, natural and efficient solution to this problem: computing the secret RSA exponent d via the Chinese Remainder Theorem (CRT) with respect to p − 1 and q − 1, where p and q denote the two secret primes of the public modulus N. We stress that it is impossible to use the CRT in a straightforward way, as p − 1 and q − 1 are not relatively prime. Nevertheless, the solution to this problem is natural and very simple. However, as we have not found a hint of this very practical result anywhere in the literature, we felt we should share it with the community.

Moreover, we present another method to efficiently compute secret RSA exponents d for certain short public keys e, which we have not seen so far in the public literature.
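The first idea in the abstract can be illustrated with the generalized CRT for non-coprime moduli. The sketch below is an added example, not code or the exact construction from the paper: the function names and the toy primes are assumptions chosen for illustration, and it recovers d modulo lcm(p − 1, q − 1) from two half-size inversions.

```python
from math import gcd

def generalized_crt(a1, m1, a2, m2):
    """Solve x = a1 (mod m1), x = a2 (mod m2) when m1, m2 may share factors.

    Returns (x, lcm(m1, m2)); raises ValueError if no solution exists.
    """
    g = gcd(m1, m2)
    if (a2 - a1) % g:
        raise ValueError("congruences are inconsistent modulo gcd(m1, m2)")
    m2g = m2 // g
    # m1/g and m2/g are coprime, so this inverse always exists.
    t = ((a2 - a1) // g * pow(m1 // g, -1, m2g)) % m2g
    lcm = m1 * m2g
    return (a1 + m1 * t) % lcm, lcm

def secret_exponent_via_crt(p, q, e):
    """Return (d, dp, dq, lam) with e*d = 1 (mod lam), lam = lcm(p-1, q-1).

    Only half-size inversions are performed; the full-size d is assembled
    by the generalized CRT. The system is always consistent because
    dp = dq = e^-1 modulo gcd(p-1, q-1).
    """
    dp = pow(e, -1, p - 1)  # raises ValueError if gcd(e, p-1) != 1
    dq = pow(e, -1, q - 1)
    d, lam = generalized_crt(dp, p - 1, dq, q - 1)
    return d, dp, dq, lam

if __name__ == "__main__":
    # Constructed toy parameters, far too small for real use.
    p, q, e = 61, 53, 17
    d, dp, dq, lam = secret_exponent_via_crt(p, q, e)
    n = p * q
    msg = 42
    assert pow(pow(msg, e, n), d, n) == msg
    print(f"dp={dp} dq={dq} d={d} lcm={lam}")
```

The values dp and dq are the same exponents an RSA-CRT private key stores, so a card that already computes them only needs the recombination step to obtain d.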




© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Fischer, W., Seifert, JP. (2002). Note on Fast Computation of Secret RSA Exponents. In: Batten, L., Seberry, J. (eds) Information Security and Privacy. ACISP 2002. Lecture Notes in Computer Science, vol 2384. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45450-0_10


  • DOI: https://doi.org/10.1007/3-540-45450-0_10


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-43861-8

  • Online ISBN: 978-3-540-45450-2

  • eBook Packages: Springer Book Archive
