Ellen Jochemsz scite author profile

Wiener's famous attack on RSA with d < N 0.25 shows that using a small d for an efficient decryption process makes RSA completely insecure. As an alternative, Wiener proposed to use the Chinese Remainder Theorem in the decryption phase, where dp = d mod (p − 1) and dq = d mod (q − 1) are chosen significantly smaller than p and q. The parameters dp, dq are called private CRT-exponents. Since Wiener's proposal in 1990, it has been a challenging open question whether there exists a polynomial time attack on small private CRT-exponents. In this paper, we give an affirmative answer to this question, and show that a polynomial time attack exists if dp and dq are smaller than N 0.073 .

show abstract

A Partial Key Exposure Attack on RSA Using a 2-Dimensional Lattice

Jochemsz

Weger

2006

View full text Add to dashboard Cite

Abstract. We describe an attack on the RSA cryptosystem when the private exponent d is chosen to be 'small', under the condition that a sufficient amount of bits of d is available to the attacker. The attack uses a 2-dimensional lattice and is therefore (in the area of the keyspace where it applies) more efficient than known attacks using Coppersmith techniques. Moreover, we show that the attacks of Wiener and Verheul/Van Tilborg, using continued fractions techniques, are special deterministic cases of our attack, which in general is heuristic.

show abstract

Cryptanalysis of RSA variants using small roots of polynomials

Jochemsz

2007

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Ellen Jochemsz

Partial Key Exposure Attacks on RSA up to Full Size Exponents

A Strategy for Finding Roots of Multivariate Polynomials with New Applications in Attacking RSA Variants

A Polynomial Time Attack on RSA with Private CRT-Exponents Smaller Than N 0.073

A Partial Key Exposure Attack on RSA Using a 2-Dimensional Lattice

Cryptanalysis of RSA variants using small roots of polynomials

Contact Info

Product

Resources

About