2010 | OriginalPaper | Book chapter
Maximizing Small Root Bounds by Linearization and Applications to Small Secret Exponent RSA
Written by: Mathias Herrmann, Alexander May
Published in: Public Key Cryptography – PKC 2010
Publisher: Springer Berlin Heidelberg
We present an elementary method to construct optimized lattices that are used for finding small roots of polynomial equations. Former methods first construct some large lattice in a generic way from a polynomial $f$ and then optimize via finding suitable smaller dimensional sublattices. In contrast, our method focuses on optimizing $f$ first which then directly leads to an optimized small dimensional lattice.
Using our method, we construct the first elementary proof of the Boneh-Durfee attack for small RSA secret exponents with $d \leq N^{0.292}$. Moreover, we identify a sublattice structure behind the Jochemsz-May attack for small CRT-RSA exponents $d_p, d_q \leq N^{0.073}$. Unfortunately, in contrast to the Boneh-Durfee attack, for the Jochemsz-May attack the sublattice does not help to improve the bound asymptotically. Instead, we are able to attack much larger values of $d_p, d_q$ in practice by LLL reducing smaller dimensional lattices.