Abstract
The security of the least significant bit (LSB) of the secret key in the Elliptic Curve Diffie-Hellman protocol (and of the message in RSA) is related to the security of the whole key (and of the whole message, respectively). Algorithms to invert these cryptographic algorithms, making use of oracles that predict the LSB, have been published. We implement two of these algorithms, identify critical parameters, and modify the sampling to achieve a significant improvement in running times.
D. Nakamura—Partially funded by Coordenadoria de Aperfeiçoamento de Pessoal de Nível Superior (CAPES).
R. Terada—Partially funded by Fundação de Amparo à Pesquisa (FAPESP) grant 2011/50761-2.
Notes
- 1. This requirement is NOT explicitly written in [1].
- 2.
References
Alexi, W., Chor, B., Goldreich, O., Schnorr, C.-P.: RSA and Rabin functions: certain parts are as hard as the whole. SIAM J. Comput. 17(2), 194–209 (1988)
Aranha, D.F., Gouvêa, C.P.L.: RELIC is an Efficient LIbrary for Cryptography. http://code.google.com/p/relic-toolkit/
Ben-Or, M., Chor, B., Shamir, A.: On the cryptographic security of single RSA bits. In: ACM Symposium on Theory of Computing (STOC 1983), pp. 421–430. ACM Press, Baltimore, April 1983
Blum, L., Blum, M., Shub, M.: A simple unpredictable pseudo-random number generator. SICOMP: SIAM J. Comput. 15, 364–383 (1986)
Blum, M., Micali, S.: How to generate cryptographically strong sequence of pseudo-random bits. SIAM J. Comput. 13, 850–864 (1984)
Boneh, D., Shparlinski, I.E.: On the unpredictability of bits of the elliptic curve Diffie–Hellman scheme. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, p. 201. Springer, Heidelberg (2001)
Boneh, D., Venkatesan, R.: Hardness of computing the most significant bits of secret keys in Diffie-Hellman and related schemes. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 129–142. Springer, Heidelberg (1996)
Bos, J.W., Kaihara, M.E., Kleinjung, T., Lenstra, A.K., Montgomery, P.L.: On the security of 1024-bit RSA and 160-bit elliptic curve cryptography. http://eprint.iacr.org/2009/389 (2009)
Brent, R.P., Kung, H.T.: Systolic VLSI arrays for polynomial GCD computation. IEEE Trans. Comput. 33, 731–736 (1984)
Buhler, J.P., Lenstra, H.W., Pomerance, C.: Factoring integers with the number field sieve. In: Lenstra, A.K., Lenstra, H.W. (eds.) The Development of the Number Field Sieve. LNM, vol. 1554, pp. 50–94. Springer, Heidelberg (1993)
Chevalier, C., Fouque, P.-A., Pointcheval, D., Zimmer, S.: Optimal randomness extraction from a Diffie-Hellman element. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 572–589. Springer, Heidelberg (2009)
Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)
Fischlin, R., Schnorr, C.-P.: Stronger security proofs for RSA and Rabin bits. J. Cryptol. 13(2), 221–244 (2000)
Goldwasser, S., Micali, S., Tong, P.: Why and how to establish a private code on a public network (extended abstract). In: FOCS, pp. 134–144. IEEE, Chicago, Illinois, November 1982
Hofheinz, D., Kiltz, E.: Practical chosen ciphertext secure encryption from factoring. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 313–332. Springer, Heidelberg (2009)
Jetchev, D., Venkatesan, R.: Bits security of the elliptic curve Diffie–Hellman secret keys. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 75–92. Springer, Heidelberg (2008)
Knuth, D.E.: The Art of Computer Programming. Seminumerical Algorithms, vol. 2, 2nd edn. Addison-Wesley, Reading (1981)
Lenstra, A.K., Verheul, E.R.: Selecting cryptographic key sizes. J. Cryptol. 14, 255–293 (1999)
Menezes, A.J., Vanstone, S.A., Van Oorschot, P.C.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)
Rabin, M.: Digitalized signatures as intractable as factorization. Technical report MIT/LCS/TR-212, MIT Laboratory for Computer Science, January 1979
Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
Roh, D., Hahn, S.G.: On the bit security of the weak Diffie-Hellman problem. Inf. Process. Lett. 110, 799–802 (2010)
Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997)
Stein, J.: Computational problems associated with Racah algebra. J. Comput. Phys. 1(3), 397–405 (1967)
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Nakamura, D., Terada, R. (2015). RSA and Elliptic Curve Least Significant Bit Security. In: Aranha, D., Menezes, A. (eds) Progress in Cryptology - LATINCRYPT 2014. LATINCRYPT 2014. Lecture Notes in Computer Science, vol 8895. Springer, Cham. https://doi.org/10.1007/978-3-319-16295-9_8
DOI: https://doi.org/10.1007/978-3-319-16295-9_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-16294-2
Online ISBN: 978-3-319-16295-9
eBook Packages: Computer Science, Computer Science (R0)