Skip to main content
Springer Nature Link
Log in

Low exponent attack against elliptic curve RSA

  • Conference paper
  • First Online:
Advances in Cryptology — ASIACRYPT'94 (ASIACRYPT 1994)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 917))

Included in the following conference series:

  • 241 Accesses

Abstract

Hastad showed that low exponent RSA is not secure if the same message is encrypted to several receivers. This is true even if time-stamp is used for each receiver. For example, let e=3. Then if the number of receivers =7, the eavesdropper can find the plaintext from the seven ciphertexts of each receiver.

This paper shows that elliptic curve RSA is not secure in the same scenario. It is shown that the KMOV scheme and Demytko's scheme are not secure if e=5, n≥21024 and the number of receivers =428. In Demytko's scheme, e can take the value of 2. In this case, this system is not secure if the number of receiver =11 for n≥2175.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. J.Hastad: On using RSA with low exponent in a public key network. Proc. of Crypto'85, pp.403–408 (1985)

    Google Scholar 

  2. K.Koyama, U.M.Maurer, T.Okamoto and S.A.Vanstone: New public-key schemes based on elliptic curves over the ring Z n . Proc. of Crypto'91 (1991)

    Google Scholar 

  3. N.Demytko: A new elliptic curve based analogue of RSA. Proc. of Eurocrypt'93, pp.39–48, May 24 (1993)

    Google Scholar 

  4. D.M.Bressoud: Factorization and primality testing. Springer-Verlag (1989)

    Google Scholar 

  5. K.Kurosawa and S.Tsujii: Low exponent attack against elliptic curve RSA. Technical Report of IEICE, ISEC94-2, pp.11–17 (1994)

    Google Scholar 

  6. H.Kuwakado and K.Koyama: On the security of RSA-type schemes over cubic curves against the Hastad attack. Technical report of IEICE, ISEC94-10, pp.23–30 (1994)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Electrical and Electronic Engineering, Faculty of Engineering, Tokyo Institute of Technology, 2-12-1 O-okayama, Meguro-ku, 152, Tokyo, Japan

    Kaoru Kurosawa & Koji Okada

  2. Department of Information Systems Engineering, Chuo University, 1-13-27 Kasuga, Bunkyo-ku, 112, Tokyo, Japan

    Shigeo Tsujii

Authors
  1. Kaoru Kurosawa
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Koji Okada
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Shigeo Tsujii
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Josef Pieprzyk Reihanah Safavi-Naini

Rights and permissions

Reprints and permissions

Copyright information

© 1995 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kurosawa, K., Okada, K., Tsujii, S. (1995). Low exponent attack against elliptic curve RSA. In: Pieprzyk, J., Safavi-Naini, R. (eds) Advances in Cryptology — ASIACRYPT'94. ASIACRYPT 1994. Lecture Notes in Computer Science, vol 917. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0000449

Download citation

  • DOI: https://doi.org/10.1007/BFb0000449

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-59339-3

  • Online ISBN: 978-3-540-49236-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation