Abstract
We give a polynomial time probabilistic algorithm that constructs an RSA modulus M=pl, where p and l are two n-bit primes, which has about n/2 bits, on certain positions, prescribed in advance. Although the number of prescribed bits is less than in other constructions, this algorithm can be rigorously analyzed while the other approaches remain heuristic. The proof is based on bounds of exponential sums. We also show that this algorithm can be used for finding 2n-bit RSA moduli whose binary expansions are of Hamming weight about 3n/4. Finally, similar arguments are also applied to smooth integers.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
M. Agrawal, N. Kayal and N. Saxena, PRIMES is in P, Ann. Math., to appear.
D. Boneh (2002) ArticleTitleFinding smooth integers in short intervals using CRT decoding J. Comp. and Syst. Sci. 64 768–784 Occurrence Handle1052.68036 Occurrence Handle2003k:94053
R. Crandall C. Pomerance (2001) Prime numbers: A Computational perspective Springer-Verlag Berlin
P. X. Gallagher (1972) ArticleTitlePrimes in progressions to prime-power modulus Invent. Math. 16 191–201 Occurrence Handle10.1007/BF01425492 Occurrence Handle0246.10030 Occurrence Handle46 #3462
A. Granville, Smooth numbers: Computational number theory and beyond, In Proceedings of the MSRI Conference Algorithmic Number Theory: Lattices, Number Fields, Curves and Cryptography, Berkeley 2000, Cambridge University. Press, (to appear).
D. R. Heath-Brown (1991) ArticleTitleZero-free regions for Dirichlet L-functions and the least prime in an arithmetic progression Proc. Lond. Math. Soc. 64 265–338 Occurrence Handle93a:11075
M. N. Huxley (1972) ArticleTitleOn the difference between consecutive primes Invent. Math. 15 164–170 Occurrence Handle0241.10026 Occurrence Handle45 #1856
A. Ivić (1985) The Riemann Zeta-function Wiley-Interscience Publisher New York
H. Iwaniec (1974) ArticleTitleOn zeros of Dirichlet’s L series Invent. Math. 23 97–104 Occurrence Handle10.1007/BF01405163 Occurrence Handle0275.10024 Occurrence Handle49 #8947
A.K. Lenstra , Generating RSA moduli with a redetermined portion, Lecturer Notes in Computer Science,, Springer-Verlag, Berlin, Vol. 1514 (1998), pp. 1–10.
H. W. Lenstra (1987) ArticleTitleFactoring integers with elliptic curves Ann. Math. 126 649–673 Occurrence Handle0629.10006 Occurrence Handle89g:11125
F. J. MacWilliams N. J. A. Sloane (1977) The Theory of Error-correcting Codes North Holland Amsterdam
P. Paillier, Public key cryptosystems based on composite degree residuosity classes, Lecturer Notes in Computer Science, Springer-Verlag, Berlin, Vol. 1592 (1999), pp. 223–238.
S. A. Vanstone R. J. Zuccherato (1995) ArticleTitleShort RSA keys and their generation J. Cryptology 8 101–114
I. M. Vinogradov (1954) Elements of Number Theory Dover Publisher New York
Author information
Authors and Affiliations
Corresponding author
Additional information
Communicated by: A.J. Menezes
About this article
Cite this article
Shparlinski, I.E. On RSA Moduli with Prescribed Bit Patterns. Des Codes Crypt 39, 113–122 (2006). https://doi.org/10.1007/s10623-005-3137-2
Received:
Revised:
Accepted:
Issue Date:
DOI: https://doi.org/10.1007/s10623-005-3137-2