New Jochemsz–May Cryptanalytic bound for RSA system utilizing common Modulus $N = p^2q$

Bibliographic Details
Main Authors: Adenan, Nurul Nur Hanisah, Ariffin, Muhammad Rezal Kamel, Sapar, Siti Hasana, Abd Ghafar, Amir Hamzah, Asbullah, Muhammad Asyraf
Format: Article
Published: MDPI 2021
Online Access: http://psasir.upm.edu.my/id/eprint/94352/
https://www.mdpi.com/2227-7390/9/4/340
Description
Summary: This paper describes an attack on the Rivest, Shamir and Adleman (RSA) cryptosystem utilizing the modulus $N = p^2q$, where $p$ and $q$ are two large balanced primes. Let $e_1, e_2 < N^{\gamma}$ be integers whose multiplicative inverses are $d_1, d_2 < N^{\delta}$. Based on the two key equations $e_1 d_1 - k_1\varphi(N) = 1$ and $e_2 d_2 - k_2\varphi(N) = 1$, where $\varphi(N) = p(p-1)(q-1)$, our attack works when the primes share a known amount of least significant bits (LSBs) and the private exponents share an amount of most significant bits (MSBs). We apply the extended strategy of Jochemsz–May to find the small roots of an integer polynomial and show that $N$ can be factored if $\delta < \frac{11}{10} + \frac{9}{4}\alpha - \frac{1}{2}\beta - \frac{1}{2}\gamma - \frac{1}{30}\sqrt{180\gamma + 990\alpha - 180\beta + 64}$. Our attack improves the bounds of some previously proposed attacks that make the RSA variant vulnerable.