Factoring a Multiprime Modulus N with Random Bits

Terada, Routo; Villena, Reynaldo Cáceres

doi:10.1007/978-3-319-27659-5_13

Factoring a Multiprime Modulus N with Random Bits

Routo Terada¹⁴ &
Reynaldo Cáceres Villena¹⁴

Conference paper
First Online: 30 December 2015

764 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7807))

Abstract

In 2009, Heninger and Shacham presented an algorithm using the Hensel’s lemma for reconstructing the prime factors of the modulus \(N = r_1r_2\). This algorithm computes the prime factors of N in polynomial time, with high probability, assuming that a fraction greater than or equal to 59 % random bits of its primes \(r_1\) and \(r_2\) is given. In this paper, we present the analysis of Hensel’s lemma for a multiprime modulus \(N = \prod ^u_{i=1}r_i\) (for \(u\ge 2\)) and we generalise the Heninger and Shacham’s algorithm to determine the minimum fraction of random bits of its prime factors that is sufficient to factor N in polynomial time with high probability.

R.C. Villena—Supported by CAPES, Brazil.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

1.
Basic RSA is when the modulus N is product of two primes.
2.
Multi-prime RSA is a generalization of the Basic RSA where the modulus N is the product of two or more primes.
3.
N is the product of u primes with the same bit length, as in the Basic RSA.
4.
It is an algorithm to factor an integer N with a very good performance.
5.
It is an algorithm to compute a non-trivial factor of N.

References

Aranha, D.F., Gouvêa, C.P.L.: RELIC is an Efficient Library for Cryptography. http://code.google.com/p/relic-toolkit/
Bar-El, H.: Introduction to side channel attacks. White Paper, Discretix Technologies Ltd. (2003)
Google Scholar
Boneh, D.: Twenty years of attacks on the RSA cryptosystem. Not. AMS 46(2), 203–213 (1999)
MATH MathSciNet Google Scholar
Halderman, J.A., Schoen, S.D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J.A., Feldman, A.J., Appelbaum, J., Felten, E.W.: Lest we remember: cold-boot attacks on encryption keys. Commun. ACM 52(5), 91–98 (2009)
Article Google Scholar
Heninger, N., Shacham, H.: Reconstructing RSA private keys from random key bits. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 1–17. Springer, Heidelberg (2009)
Chapter Google Scholar
Herrmann, M., May, A.: Solving linear equations modulo divisors: on factoring given any bits. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 406–424. Springer, Heidelberg (2008)
Chapter Google Scholar
Hinek, M.J.: On the security of multi-prime RSA. J. Math. Cryptol. 2(2), 117–147 (2008)
Article MATH MathSciNet Google Scholar
Jonsson, J., Kaliski, B.: Public-key cryptography standards (PKCS)# 1: Rsa cryptography specifications version 2.1. Technical report, RFC 3447, February 2003
Google Scholar
Kogure, J., Kunihiro, N., Yamamoto, H.: Generalized security analysis of the random key bits leakage attack. In: Yung, M., Jung, S. (eds.) WISA 2011. LNCS, vol. 7115, pp. 13–27. Springer, Heidelberg (2012)
Chapter Google Scholar
Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)
Chapter Google Scholar
Ptacek, T. : Recover a private key from process memory (2006). http://chargen.matasano.com/chargen/2006/1/25/recover-a-private-key-from-process-memory.html
Quisquater, J.J., Couvreur, C.: Fast decipherment algorithm for RSA public-key cryptosystem. Electron. Lett. 18(21), 905–907 (1982)
Article Google Scholar
Shamir, A., van Someren, N.: Playing ‘Hide and Seek’ with stored keys. In: Franklin, M.K. (ed.) FC 1999. LNCS, vol. 1648, pp. 118–124. Springer, Heidelberg (1999)
Chapter Google Scholar
Skorobogatov, S.: Low temperature data remanence in static ram. University of Cambridge Computer Laborary Technical Report 536 (2002)
Google Scholar
Takagi, T.: Fast RSA-type cryptosystem modulo \(p^{k}q\). In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 318–326. Springer, Heidelberg (1998)
Chapter Google Scholar

Download references

Acknowledgment

We thank anonymous referees who pointed out the work by Kogure et al. [9].

Author information

Authors and Affiliations

Department of Computer Science, University of São Paulo, São Paulo, Brazil
Routo Terada & Reynaldo Cáceres Villena

Authors

Routo Terada
View author publications
You can also search for this author in PubMed Google Scholar
Reynaldo Cáceres Villena
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Routo Terada .

Editor information

Editors and Affiliations

University of Texas at Dallas, Richardson, Texas, USA
Yvo Desmedt

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Terada, R., Villena, R.C. (2015). Factoring a Multiprime Modulus N with Random Bits. In: Desmedt, Y. (eds) Information Security. Lecture Notes in Computer Science(), vol 7807. Springer, Cham. https://doi.org/10.1007/978-3-319-27659-5_13

Download citation

DOI: https://doi.org/10.1007/978-3-319-27659-5_13
Published: 30 December 2015
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-27658-8
Online ISBN: 978-3-319-27659-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics