Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Designs, Codes and Cryptography
Erschienen in: Designs, Codes and Cryptography 1/2017

22.03.2016

Cryptanalysis of Dual RSA

verfasst von: Liqiang Peng, Lei Hu, Yao Lu, Jun Xu, Zhangjie Huang

Erschienen in: Designs, Codes and Cryptography | Ausgabe 1/2017

Einloggen, um Zugang zu erhalten

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

In 2007, Sun et al. (IEEE Trans Inf Theory 53(8):2922–2933, 2007) presented new variants of RSA, called Dual RSA, whose key generation algorithm outputs two distinct RSA moduli having the same public and private exponents, with an advantage of reducing storage requirements for keys. These variants can be used in some applications like blind signatures and authentication/secrecy. In this paper, we give an improved analysis on Dual RSA and obtain that when the private exponent is smaller than \(N^{0.368}\), the Dual RSA can be broken, where N is an integer with the same bitlength as the modulus of Dual RSA. The point of our work is based on the observation that we can split the private exponent into two much smaller unknown variables and solve a related modular equation on the two unknown variables and other auxiliary variables by making use of lattice based methods. Moreover, we extend this method to analyze the common private exponent RSA scheme, a variant of Dual RSA, and obtain a better bound than previous analyses. While our analyses cannot be proven to work in general, since we rely on some unproven assumptions, our experimental results have shown they work in practice.
Nächster Artikel Direct constructions of large sets of Kirkman triple systems
Anhänge
Nur mit Berechtigung zugänglich
Literatur
1.
Boneh D., Durfee G.: Cryptanalysis of RSA with private key d less than N\({}^{\text{0.292 }}\). IEEE Trans. Inf. Theory 46(4), 1339–1349 (2000).
2.
Bosma W., Cannon J.J., Playoust C.: The magma algebra system I: the user language. J. Symb. Comput. 24(3–4), 235–265 (1997).
3.
Coppersmith D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. Cryptol. 10(4), 233–260 (1997).
4.
Gama N., Nguyen P.Q.: Predicting lattice reduction. In: Smart N. (ed.) EUROCRYPT 2008. Lecture Notes in Computer Science, vol. 4965, pp. 31–51. Springer, Heidelberg (2008).
5.
Herrmann M., May A.: Maximizing small root bounds by linearization and applications to small secret exponent RSA. In: Nguyen P.Q., Pointcheval D. (eds.) PKC 2010. Lecture Notes in Computer Science, vol. 6056, pp. 53–69. Springer, Heidelberg (2010)
6.
Hinek M.J.: On the security of some variants of RSA. Ph.D.thesis, University of Waterloo, Waterloo (2007).
7.
Hoffstein J., Pipher J., Silverman J.H.: An Inroduction to Mathematical Cryptography. Springer, Berlin (2008).
8.
Howgrave-Graham N.: Finding small roots of univariate modular equations revisited. In: Darnell M.J. (ed.) Cryptography and Coding 1997. Lecture Notes in Computer Science, vol. 1355, pp. 131–142. Springer, Heidelberg (1997).
9.
Jochemsz E., May A.: A strategy for finding roots of multivariate polynomials with new applications in attacking RSA variants. In: Lai X., Chen K. (eds.) ASIACRYPT 2006. Lecture Notes in Computer Science, vol. 4284, pp. 267–282. Springer, Heidelberg (2006).
10.
Joye M.: RSA moduli with a predetermined portion: techniques and applications. In: Chen L., Mu Y., Susilo, W. (eds.) ISPEC 2008. Lecture Notes in Computer Science, vol. 4991, pp. 116–130. Springer, Heidelberg (2008).
11.
Kleinjung T., Aoki K., Franke J., Lenstra A.K., Thomé E., Bos J.W., Gaudry P., Kruppa A., Montgomery P.L., Osvik D.A., te Riele H.J.J., Timofeev A., Zimmermann P.: Factorization of a 768-bit RSA modulus. In: Rabin T. (ed.) CRYPTO 2010. Lecture Notes in Computer Science, vol. 6223, pp. 333–350. Springer, Heidelberg (2010).
12.
Lenstra A.K.: Generating RSA moduli with a predetermined portion. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. Lecture Notes in Computer Science, vol. 1514, pp. 1–10. Springer, Heidelberg (1998).
13.
Lenstra A.K., de Weger B.M.M.: Twin RSA. In: Dawson E., Vaudenay S. (eds.) Mycrypt 2005. Lecture Notes in Computer Science, vol. 3715, pp. 222–228. Springer, Heidelberg (2005).
14.
Lenstra A.K., Lenstra H.W., Lovász L.: Factoring polynomials with rational coefficients. Math. Ann. 261(4), 515–534 (1982).
15.
Lenstra A.K., Tromer E., Shamir A., Kortsmit W., Dodson B., Hughes J.P., Leyland P.C.: Factoring estimates for a 1024-bit RSA modulus. In: Laih C.S. (ed.) ASIACRYPT 2003. Lecture Notes in Computer Science, vol. 2894, pp. 55–74. Springer, Heidelberg (2003).
16.
Nguyen P.Q., Vallée B. (eds.): The LLL Algorithm—Survey and Applications. Series in Information Security and Cryptography. Springer, Heidelberg (2010).
17.
Peng L., Hu L., Xu J., Huang Z., Xie Y.: Further improvement of factoring RSA moduli with implicit hint. In: Pointcheval D., Vergnaud D. (eds.) AFRICACRYPT 2014. Lecture Notes in Computer Science, vol. 8469, pp. 165–177. Springer International Publishing, Switzerland (2014).
18.
Rivest R.L., Shamir A., Adleman L.M.: A method for obtaining digital signatures and public-key cryptosystems (reprint). Commun. ACM 26(1), 96–99 (1983).
19.
Sarkar S., Maitra S.: Cryptanalytic results on ’Dual CRT’ and ’Common Prime’ RSA. Des. Codes Cryptogr. 66(1–3), 157–174 (2013).
20.
Shparlinski I.: On RSA moduli with prescribed bit patterns. Des. Codes Cryptogr. 39(1), 113–122 (2006).
21.
Sun H., Wu M., Ting W., Hinek M.J.: Dual RSA and its security analysis. IEEE Trans. Inf. Theory 53(8), 2922–2933 (2007).
22.
Takagi T.: Fast RSA-type cryptosystem modulo p\({}^{\rm {k}}\)q. In: Krawczyk H. (ed.) CRYPTO 1998. Lecture Notes in Computer Science, vol. 1462, pp. 318–326. Springer, Heidelberg (1998).
23.
Takayasu A., Kunihiro N.: Better lattice constructions for solving multivariate linear equations modulo unknown divisors. IEICE Trans. 97-A(6), 1259–1272 (2014).
24.
Takayasu A., Kunihiro N.: Partial key exposure attacks on RSA: achieving the boneh-durfee bound. In: Joux A., Youssef A.M. (eds.) SAC 2014. Lecture Notes in Computer Science, vol. 8781, pp. 345–362. Springer International Publishing, Switzerland (2014).
25.
Vanstone S.A., Zuccherato R.J.: Short RSA keys and their generation. J. Cryptol. 8(2), 101–114 (1995).
26.
Wiener M.J.: Cryptanalysis of short RSA secret exponents. IEEE Trans. Inf. Theory 36(3), 553–558 (1990).
Metadaten
Titel
Cryptanalysis of Dual RSA
verfasst von
Liqiang Peng
Lei Hu
Yao Lu
Jun Xu
Zhangjie Huang
Publikationsdatum
22.03.2016
Verlag
Springer US
Erschienen in
Designs, Codes and Cryptography / Ausgabe 1/2017
Print ISSN: 0925-1022
Elektronische ISSN: 1573-7586
DOI
https://doi.org/10.1007/s10623-016-0196-5

Weitere Artikel der Ausgabe 1/2017

Designs, Codes and Cryptography 1/2017 Zur Ausgabe

OriginalPaper

Three new classes of optimal frequency-hopping sequence sets

OriginalPaper

Codes with the identifiable parent property for multimedia fingerprinting

OriginalPaper

Complete weight enumerators of a class of linear codes

OriginalPaper

Direct constructions of large sets of Kirkman triple systems

OriginalPaper

A case study in almost-perfect security for unconditionally secure communication

OriginalPaper

On linear codes admitting large automorphism groups