Advertisement

A Generalized Attack on Some Variants of the RSA Cryptosystem

  • Abderrahmane Nitaj
  • Yanbin Pan
  • Joseph Tonien
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11349)

Abstract

Let \(N=pq\) be an RSA modulus with unknown factorization. The RSA cryptosystem can be attacked by using the key equation \(ed-k(p-1)(q-1)=1\). Similarly, some variants of RSA, such as RSA combined with singular elliptic curves, LUC and RSA with Gaussian primes can be attacked by using the key equation \(ed- k\left( p^2-1\right) \left( q^2-1\right) =1\). In this paper, we consider the more general equation \(eu-\left( p^2-1\right) \left( q^2-1\right) v=w\) and present a new attack that finds the prime factors p and q in the case that u, v and w satisfy some specific conditions. The attack is based on Coppersmith’s technique and improves the former attacks.

Keywords

RSA variants Coppersmith’s technique Lattice reduction 

References

  1. 1.
    Blömer, J., May, A.: A generalized Wiener attack on RSA. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 1–13. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-24632-9_1CrossRefGoogle Scholar
  2. 2.
    Boneh, D., Durfee, G.: Cryptanalysis of RSA with private key d less than N0.292. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 1–11. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48910-X_1CrossRefGoogle Scholar
  3. 3.
    Boneh, D.: Twenty years of attacks on the RSA cryptosystem. Notices Am. Math. Soc. 46(2), 203–213 (1999)MathSciNetzbMATHGoogle Scholar
  4. 4.
    Boneh, D., Shacham, H.: Fast variants of RSA. CryptoBytes 5(1), 1–9 (2002)Google Scholar
  5. 5.
    Bunder, M., Nitaj, A., Susilo, W., Tonien, J.: A new attack on three variants of the RSA cryptosystem. In: Liu, J.K., Steinfeld, R. (eds.) ACISP 2016. LNCS, vol. 9723, pp. 258–268. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-40367-0_16CrossRefGoogle Scholar
  6. 6.
    Bunder, M., Nitaj, A., Susilo, W., Tonien, J.: A generalized attack on RSA type cryptosystems. Theor. Comput. Sci. 704, 74–81 (2017)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Castagnos, G.: An efficient probabilistic public-key cryptosystem over quadratic field quotients. Finite Fields Appl. 13(3–13), 563–576 (2007)MathSciNetCrossRefGoogle Scholar
  8. 8.
    Coppersmith, D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. Cryptol. 10(4), 233–260 (1997)MathSciNetCrossRefGoogle Scholar
  9. 9.
    Elkamchouchi, H., Elshenawy, K., Shaban, H., Extended RSA cryptosystem and digital signature schemes in the domain of Gaussian integers. In: Proceedings of the 8th International Conference on Communication Systems, pp. 91–95 (2002)Google Scholar
  10. 10.
    Hinek, M.J.: Cryptanalysis of RSA and its Variants. Chapman & Hall/CRC Cryptography and Network Security. CRC Press, Boca Raton (2010)zbMATHGoogle Scholar
  11. 11.
    Howgrave-Graham, N.: Finding small roots of univariate modular equations revisited. In: Darnell, M. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 131–142. Springer, Heidelberg (1997).  https://doi.org/10.1007/BFb0024458CrossRefGoogle Scholar
  12. 12.
    Jochemsz, E., May, A.: A strategy for finding roots of multivariate polynomials with new applications in attacking RSA variants. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 267–282. Springer, Heidelberg (2006).  https://doi.org/10.1007/11935230_18CrossRefzbMATHGoogle Scholar
  13. 13.
    Kuwakado, H., Koyama, K., Tsuruoka, Y.: A new RSA-type scheme based on singular cubic curves \(y^2=x^3+bx^2~(\text{ mod } \; n)\). IEICE Trans. Fundam. E78–A, 27–33 (1995)Google Scholar
  14. 14.
    Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 513–534 (1982)MathSciNetCrossRefGoogle Scholar
  15. 15.
    May, A.: New RSA vulnerabilities using lattice reduction methods. Ph.D. thesis. University of Paderborn (2003). http://www.cits.rub.de/imperia/md/content/may/paper/bp.ps
  16. 16.
    May, A.: Using LLL-reduction for solving RSA and factorization problems. In: Nguyen, P., Vallée, B. (eds.) The LLL Algorithm. Information Security and Cryptography, pp. 315–348. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-642-02295-1_10CrossRefGoogle Scholar
  17. 17.
    Peng, L., Hu, L., Lu, Y., Wei, H.: An improved analysis on three variants of the RSA cryptosystem. In: Chen, K., Lin, D., Yung, M. (eds.) Inscrypt 2016. LNCS, vol. 10143, pp. 140–149. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-54705-3_9CrossRefGoogle Scholar
  18. 18.
    Quisquater, J.J., Couvreur, C.: Fast decipherment algorithm for RSA public-key cryptosystem. Electron. Lett. 18(21), 905–907 (1982)CrossRefGoogle Scholar
  19. 19.
    Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Smith, P.J., Lennon, G.J.J.: LUC: a new public key cryptosystem. In: Ninth IFIP Symposium on Computer Science Security, pp. 103–117. Elseviver Science Publishers (1993)Google Scholar
  21. 21.
    Takagi, T.: Fast RSA-type cryptosystem modulo pkq. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 318–326. Springer, Heidelberg (1998).  https://doi.org/10.1007/BFb0055738CrossRefGoogle Scholar
  22. 22.
    Wiener, M.: Cryptanalysis of short RSA secret exponents. IEEE Trans. Inf. Theory 36, 553–558 (1990)MathSciNetCrossRefGoogle Scholar
  23. 23.
    Zheng, M., Kunihiro, N., Hu, H.: Cryptanalysis of RSA variants with modified Euler quotient. In: Joux, A., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2018. LNCS, vol. 10831, pp. 266–281. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-89339-6_15CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Laboratoire de Mathématiques Nicolas OresmeUniversité de Caen NormandieCaenFrance
  2. 2.Key Laboratory of Mathematics Mechanization, NCMIS, Academy of Mathematics and Systems ScienceChinese Academy of SciencesBeijingChina
  3. 3.School of Computing and Information TechnologyUniversity of WollongongWollongongAustralia

Personalised recommendations