
Small secret exponent attack on RSA variant with modulus \(N=p^rq\)

Designs, Codes and Cryptography

Abstract

We consider an RSA variant with modulus \(N=p^rq\). This variant is known as Prime Power RSA. In PKC 2004, May proved that when the decryption exponent satisfies \(d<N^{ \frac{r}{(r+1)^2}}\) or \(d< N^{\left( \frac{r-1}{r+1}\right) ^2}\), one can factor \(N\) in polynomial time. In this paper, we improve this bound when \(r \le 5\). We provide detailed experimental results to justify our claim.
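The two bounds by May quoted in the abstract can be turned into a key-audit check. The following is an added example, not code from the paper: the function names are hypothetical and the sample modulus is constructed. It compares \(d\) against both bounds in exact integer arithmetic and shows which bound is the larger one for each \(r\).

```python
from fractions import Fraction

def may_exponents(r):
    """Exponents of May's two PKC 2004 bounds for N = p^r * q, as exact fractions."""
    return Fraction(r, (r + 1) ** 2), Fraction((r - 1) ** 2, (r + 1) ** 2)

def below_power(d, N, frac):
    """Exact integer test of d < N**(a/b), evaluated as d**b < N**a (no floats)."""
    return d ** frac.denominator < N ** frac.numerator

def audit_exponent(N, r, d):
    """Report which of May's bounds the decryption exponent d falls under."""
    bounds = may_exponents(r)
    hit = [str(b) for b in bounds if below_power(d, N, b)]
    return {"weak": bool(hit), "bounds_hit": hit, "larger_exponent": max(bounds)}

# Constructed sample modulus (not from the paper): p = 2^31 - 1, q = 2^61 - 1, r = 2.
P, Q, R = 2**31 - 1, 2**61 - 1, 2
N_SAMPLE = P**R * Q

if __name__ == "__main__":
    # Which of the two bounds dominates depends on r: the first for r = 2,
    # the second from r = 3 onwards.
    for r in range(2, 6):
        b1, b2 = may_exponents(r)
        print(f"r={r}: r/(r+1)^2={b1}, ((r-1)/(r+1))^2={b2}, larger={max(b1, b2)}")
    # Audit three constructed exponents of increasing size against N_SAMPLE.
    for d in (2**13, 2**20, 2**40):
        print(f"d has {d.bit_length()} bits:", audit_exponent(N_SAMPLE, R, d))
```

A result of `weak: False` only means \(d\) lies outside May's two bounds; the paper improves the bound for \(r \le 5\), so such an exponent is not cleared by this check alone.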


References

  1. Bauer A., Joux A.: Toward a rigorous variation of Coppersmith’s algorithm on three variables. In: Eurocrypt 2007. LNCS, vol. 4515, pp. 361–378. Springer, Berlin, Heidelberg (2007).

  2. Boneh D.: Twenty years of attacks on the RSA cryptosystem. Not. Am. Math. Soc. 46(2), 203–213 (1999).


  3. Boneh D., Durfee G.: Cryptanalysis of RSA with private key \(d\) less than \(N^{0.292}\). In: Eurocrypt 1999. LNCS, vol. 1592, pp. 1–11. Springer, Berlin, Heidelberg (1999).

  4. Boneh D., Durfee G.: Cryptanalysis of RSA with private key \(d\) less than \(N^{0.292}\). IEEE Trans. Inform. Theory 46(4), 1339–1349 (2000).

  5. Boneh D., Durfee G., Howgrave-Graham N.: Factoring \(N = p^{r}q\) for large \(r\). In: Crypto 1999. LNCS, vol. 1666, pp. 326–337. Springer, Berlin, Heidelberg (1999).

  6. Coppersmith D.: Small solutions to polynomial equations and low exponent vulnerabilities. J. Cryptol. 10(4), 223–260 (1997).


  7. Cox D., Little J., O’Shea D.: Ideals, Varieties, and Algorithms: An Introduction to Computational Algebraic Geometry and Commutative Algebra, 3rd edn. Springer, New York (2007).

  8. Durfee G., Nguyen P.: Cryptanalysis of the RSA schemes with short secret exponent from Asiacrypt ’99. In: Asiacrypt 2000. LNCS, vol. 1976, pp. 14–29. Springer, Berlin, Heidelberg (2000).

  9. Fujioka A., Okamoto T., Miyaguchi S.: ESIGN: An efficient digital signature implementation for smart cards. In: Eurocrypt 1991. LNCS, vol. 547, pp. 446–457. Springer, Berlin, Heidelberg (1991).

  10. Håstad J.: On using RSA with low exponent in public key network. In: Advances in Cryptology-CRYPTO’85 Proceedings. Lecture Notes in Computer Science, pp. 403–408. Springer, New York (1986).

  11. Howgrave-Graham N.: Finding small roots of univariate modular equations revisited. In: Proceedings of IMA International Conference on Cryptography and Coding. LNCS, vol. 1355, pp. 131–142. Springer, Berlin, Heidelberg (1997).

  12. Itoh K., Kunihiro N., Kurosawa K.: Small secret key attack on a variant of RSA (due to Takagi). In: CT-RSA 2008. LNCS, vol. 4964, pp. 387–406. Springer, Berlin, Heidelberg (2008).

  13. Itoh K., Kunihiro N., Kurosawa K.: Small secret key attack on a Takagi’s variant of RSA. IEICE Trans. A 92(1), 33–41 (2009).


  14. Jochemsz E.: Cryptanalysis of RSA variants using small roots of polynomials. Ph.D. Thesis, Technische Universiteit Eindhoven (2007).

  15. Lenstra A.K., Lenstra Jr. H.W., Lovász L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 515–534 (1982).

  16. Lenstra Jr. H.W.: Factoring integers with elliptic curves. Ann. Math. 126, 649–673 (1987).


  17. May A.: Secret exponent attacks on RSA-type schemes with moduli \(N= p^{r}q\). In: PKC 2004. LNCS, vol. 2947, pp. 218–230. Springer, Berlin, Heidelberg (2004).

  18. May A.: Using LLL-reduction for solving RSA and factorization problems: a survey. In: LLL\(+25\) Conference in Honour of the 25th Birthday of the LLL Algorithm. Springer, Berlin, Heidelberg (2007).

  19. Okamoto T., Uchiyama S.: A New public key cryptosystem as secure as factoring. In: Eurocrypt 1998. LNCS, vol. 1403, pp. 308–318. Springer, Berlin, Heidelberg (1998).

  20. Peralta R., Okamoto T.: Faster factoring of integers of special form. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. A E79(4), 489–493 (1996).

  21. Rivest R.L., Shamir A., Adleman L.: A method for obtaining digital signatures and public key cryptosystems. Commun. ACM 21(2), 158–164 (1978).


  22. Sun H.M., Yang W.C., Laih C.S.: On the design of RSA with short secret exponent. In: Asiacrypt 1999. LNCS, vol. 1716, pp. 150–164. Springer, Berlin, Heidelberg (1999).

  23. Takagi T.: Fast RSA-type cryptosystem modulo \(p^{k}q\). In: Crypto 1998. LNCS, vol. 1462, pp. 318–326. Springer, Berlin, Heidelberg (1998).

  24. Wiener M.: Cryptanalysis of short RSA secret exponents. IEEE Trans. Inform. Theory 36(3), 553–558 (1990).


Author information


Correspondence to Santanu Sarkar.

Additional information

This is one of several papers published in Designs, Codes and Cryptography comprising the “Special Issue on Coding and Cryptography”.

This is a thoroughly revised and extended version of the paper “Small Secret Exponent Attack on RSA Variant with Modulus \(N=p^2q\)” that has been presented in WCC 2013, April 15–19, 2013, Bergen, Norway. In this paper, we consider the general case \(N=p^rq\) for \(r \ge 2\).


About this article

Cite this article

Sarkar, S. Small secret exponent attack on RSA variant with modulus \(N=p^rq\). Des. Codes Cryptogr. 73, 383–392 (2014). https://doi.org/10.1007/s10623-014-9928-6


  • DOI: https://doi.org/10.1007/s10623-014-9928-6
