Abstract
We show that the cryptosystems based on Lucas sequences and on elliptic curves over a ring are insecure when a linear relation is known between two plaintexts that are encrypted with a “small” public exponent. This attack is already known for the classical RSA system, but the proofs and the results here are different.
Copyright information
© 1997 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Joye, M., Quisquater, JJ. (1997). Protocol failures for RSA-like functions using Lucas sequences and elliptic curves. In: Lomas, M. (eds) Security Protocols. Security Protocols 1996. Lecture Notes in Computer Science, vol 1189. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-62494-5_8
DOI: https://doi.org/10.1007/3-540-62494-5_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-62494-3
Online ISBN: 978-3-540-68047-5
eBook Packages: Springer Book Archive