2011 | OriginalPaper | Buchkapitel
Partial Key Exposure: Generalized Framework to Attack RSA
verfasst von : Santanu Sarkar
Erschienen in: Progress in Cryptology – INDOCRYPT 2011
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
In the domain of modern public key cryptography, RSA is the most popular system in use. Efficient factorization of the RSA modulus
N
, constituted as a product of two primes
p
,
q
of ‘large’ bitsize, is a challenging problem in RSA cryptanalysis. The solution to this factorization is aided if the attacker gains partial knowledge about the decryption exponent of RSA. This line of attack is called the Partial Key Exposure attack, and there exists an extensive literature in this direction.
In this paper, we study partial key exposure attacks on RSA where the number of unexposed blocks in the decryption exponent is more than one. The existing works have considered only one unexposed block and thus our work provides a generalization of the existing attacks. We propose lattice based approaches to factorize the RSA modulus
N
=
pq
(for large primes
p
,
q
) when the number of unexposed blocks is
n
≥ 1. We also analyze the ISO/IEC 9796-2 standard signature scheme (based on CRT-RSA) with partially known messages.