
Cryptanalytic results on ‘Dual CRT’ and ‘Common Prime’ RSA

Designs, Codes and Cryptography

Abstract

In this paper we study weaknesses of two variants of RSA: Dual RSA and Common Prime RSA. Several schemes under the framework of Dual RSA have been proposed by Sun et al. (IEEE Trans Inf Theory 53(8):2922–2933, 2007). Here we concentrate on the Dual CRT-RSA scheme and present a certain range of parameters where it is insecure. As a corollary of our work, we prove that the Dual Generalized Rebalanced-RSA (Scheme III of Sun et al.) can be efficiently broken for a significant region where the scheme has been claimed to be secure. Next we consider the Common Prime RSA as proposed by Wiener (IEEE Trans. Inf. Theory 36:553–558, 1990). We present a new range of parameters in Common Prime RSA where it is not secure. We use lattice-based techniques for the attacks.


References

  1. Bleichenbacher D., May A.: New attacks on RSA with small secret CRT-exponents. In: Proceedings of PKC 2006. Lecture Notes in Computer Science, vol. 3958, pp. 1–13. Springer, Heidelberg (2006).

  2. Boneh D., Durfee G.: Cryptanalysis of RSA with private key d less than N^{0.292}. IEEE Trans. Inf. Theory 46, 1339–1349 (2000).


  3. Boneh D., Durfee G., Frankel Y.: Exposing an RSA private key given a small fraction of its bits. In: Proceedings of Asiacrypt 1998. Lecture Notes in Computer Science, vol. 1514, pp. 25–34. Springer, Heidelberg (1998).

  4. Coppersmith D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. Cryptol. 10(4), 233–260 (1997)


  5. Galbraith S.D., Heneghan C., McKee J.F.: Tunable balancing of RSA. In: Proceedings of ACISP 2005. Lecture Notes in Computer Science, vol. 3574, pp. 280–292. Springer, Heidelberg (2005).

  6. Hinek M.J.: Another look at small RSA exponents. In: Proceedings of CT-RSA 2006. Lecture Notes in Computer Science, vol. 3860, pp. 82–98. Springer, Heidelberg (2006).

  7. Hinek M.J.: On the security of some variants of RSA. Ph.D. thesis, University of Waterloo, Waterloo. http://uwspace.uwaterloo.ca/handle/10012/2988 (2007).

  8. Hinek M.J.: Cryptanalysis of RSA and Its Variants. Chapman & Hall/CRC, Boca Raton (2009)


  9. Howgrave-Graham N.: Finding small roots of univariate modular equations revisited. In: Proceedings of Cryptography and Coding. Lecture Notes in Computer Science, vol. 1355, pp. 131–142. Springer, Heidelberg (2006).

  10. Jochemsz E.: Cryptanalysis of RSA variants using small roots of polynomials. Ph.D. thesis, Technische Universiteit Eindhoven, Eindhoven. http://www.win.tue.nl/~bdeweger/studenten.html (2007).

  11. Jochemsz E., May A.: A strategy for finding roots of multivariate polynomials with new applications in attacking RSA variants. In: Proceedings of Asiacrypt 2006. Lecture Notes in Computer Science, vol. 4284, pp. 267–282. Springer, Heidelberg (2006).

  12. Jochemsz E., May A.: A polynomial time attack on RSA with private CRT-exponents smaller than N^{0.073}. In: Proceedings of Crypto 2007. Lecture Notes in Computer Science, vol. 4622, pp. 395–411. Springer, Heidelberg (2007).

  13. Lenstra A.K., Lenstra H.W. Jr. (eds.): The Development of the Number Field Sieve. Lecture Notes in Mathematics, vol. 1554. Springer, Berlin (1993)

  14. Lenstra A.K., Lenstra H.W., Lovász L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 513–534 (1982)


  15. Lim C.H., Lee P.J.: Security and performance of server-aided RSA computation protocols. In: Proceedings of Crypto 1995. Lecture Notes in Computer Science, vol. 963, pp. 70–83. Springer, Heidelberg (1995).

  16. May A.: Cryptanalysis of unbalanced RSA with small CRT-exponent. In: Proceedings of Crypto 2002. Lecture Notes in Computer Science, vol. 2442, pp. 242–256. Springer, Heidelberg (2002).

  17. McKee J.F., Pinch R.: Further attacks on server-aided RSA cryptosystems. http://citeseer.ist.psu.edu/388295.html.

  18. Quisquater J.-J., Couvreur C.: Fast decipherment algorithm for RSA public-key cryptosystem. Electron. Lett. 18, 905–907 (1982)


  19. Ritzenhofen M.: On efficiently calculating small solutions of systems of polynomial equations. Ph.D. thesis, Ruhr-University Bochum, Bochum (2010).

  20. Rivest R.L., Shamir A., Adleman L.: A method for obtaining digital signatures and public key cryptosystems. , (1978)


  21. Sun H.-M., Wu M.-E., Ting W.-C., Hinek M.J.: Dual RSA and its applications. IEEE Trans. Inf. Theory 53(8), 2922–2933 (2007)


  22. Wiener M.: Cryptanalysis of short RSA secret exponents. IEEE Trans. Inf. Theory 36, 553–558 (1990)



Author information


Corresponding author

Correspondence to Subhamoy Maitra.

Additional information

This article is a thoroughly revised and extended version of the paper “Cryptanalysis of Dual-CRT RSA” that has been presented in WCC 2011, April 11–15, 2011, Paris, France. Section 4 of this paper contains the additional contribution that did not appear in the workshop version.

This is one of several papers published in Designs, Codes and Cryptography comprising the “Special Issue on Coding and Cryptography”.


About this article

Cite this article

Sarkar, S., Maitra, S. Cryptanalytic results on ‘Dual CRT’ and ‘Common Prime’ RSA. Des. Codes Cryptogr. 66, 157–174 (2013). https://doi.org/10.1007/s10623-012-9675-5
