Abstract
The RSA cryptosystem relies on two public values that are needed for the encryption process: the public parameter e and the modulus N. In 1999, Boneh and Durfee described a cryptanalysis of RSA that focused on the key equation \(ed-k\phi (N)=1\) with e of the same magnitude as N. Their method applies to the case \(d<N^{0.292}\) via Coppersmith’s technique. In 2012, Kumar et al. presented an improved Boneh-Durfee attack using the same equation, valid for any e of arbitrary size. In this paper, we present an exponential increment of the two former attacks using the variant equation \(ea-\phi (N)b=c\). The new attack breaks the RSA system when a and |c| are suitably small integers. Moreover, the new attack shows that the Boneh-Durfee attack and the attack of Kumar et al. can be derived from a single attack. We also show that our bound improves on the bounds of Ariffin et al. and Bunder and Tonien.
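The two equations in the abstract can be checked from the key owner's side at key-generation time. The following is an added example, not code from the paper: it verifies \(ed-k\phi (N)=1\), tests \(d<N^{0.292}\), and lists the relations \(ea-\phi (N)b=c\) given by the continued-fraction convergents of \(e/\phi (N)\). The function names, the toy primes, and the reuse of the exponent 0.292 as a screening cut-off for a and |c| are assumptions; the paper's own bound on a and |c| is not stated on this page.

```python
from math import gcd

def below_power(x, n, num, den):
    """Exact test for x < n**(num/den) using integers only."""
    return x ** den < n ** num

def convergent_relations(e, phi):
    """Yield (a, b, c) with e*a - phi*b == c for each convergent b/a of e/phi."""
    b0, b1, a0, a1 = 0, 1, 1, 0
    x, y = e, phi
    while y:
        t = x // y
        x, y = y, x - t * y
        b0, b1 = b1, t * b1 + b0
        a0, a1 = a1, t * a1 + a0
        yield a1, b1, e * a1 - phi * b1

def audit_key(p, q, e, num=292, den=1000):
    """Key-owner check: it needs the private primes, so it runs at keygen time."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e is not invertible modulo phi(N)")
    d = pow(e, -1, phi)
    k = (e * d - 1) // phi
    assert e * d - k * phi == 1          # key equation ed - k*phi(N) = 1
    # Variant equation e*a - phi(N)*b = c: keep non-trivial relations (b >= 1,
    # c != 0) whose a and |c| are both below N**(num/den). This cut-off is an
    # assumed screening value, not the bound proved in the paper.
    relations = [(a, b, c) for a, b, c in convergent_relations(e, phi)
                 if b >= 1 and c != 0
                 and below_power(a, n, num, den)
                 and below_power(abs(c), n, num, den)]
    return {"d": d, "k": k,
            "d_below_bound": below_power(d, n, num, den),
            "relations": relations}

# Constructed toy parameters (far too small for real use).
P, Q = 4294967291, 2147483647                 # 2**32 - 5 and 2**31 - 1
WEAK_E = pow(100003, -1, (P - 1) * (Q - 1))   # e derived from a chosen small d
STRONG_E = 65537

if __name__ == "__main__":
    for name, e in (("weak", WEAK_E), ("strong", STRONG_E)):
        print(name, audit_key(P, Q, e))
```

For the constructed weak key the only relation reported is (a, b, c) = (d, k, 1), which is the Boneh-Durfee key equation seen as one instance of the variant equation; the key with e = 65537 reports none.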
References
Ariffin MRK, Abubakar SI, Yunos F, Asbullah MA (2019) New cryptanalytic attack on RSA modulus \(N= pq\) using small prime difference method. Cryptography 3(1). https://doi.org/10.3390/cryptography3010002
Blömer J, May A (2004) A generalized Wiener attack on RSA. In: LNCS of PKC, vol. 12. pp 1–13. https://doi.org/10.1007/978-3-540-24632-9_1
Boneh D, Durfee G (1999) Cryptanalysis of RSA with private key \(d\) less than \(N^{0.292}\). In: LNCS of Advances in Cryptology-EUROCRYPT’99, vol. 12. pp 1–13. https://doi.org/10.1007/3-540-48910-X_1
Bunder MW, Tonien J (2017) A new attack on the RSA cryptosystem based on continued fractions. Malaysian J Math Sci 11(S):45–57
Coron JS (2004) Finding small roots of bivariate integer polynomial equations revisited. In: International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, Heidelberg, pp 492–505
Coppersmith D (1997) Small solutions to polynomial equations, and low exponent RSA vulnerabilities. In: LNCS of Advances in Cryptology-EUROCRYPT’99, vol. 10. pp 233–260. https://doi.org/10.1007/s001459900030
Diffie W, Hellman M (1976) New directions in cryptography. IEEE Trans Inf Theory 22(6):644–654. https://doi.org/10.1109/TIT.1976.1055638
Galbraith SD (2012) Mathematics of public key cryptography. Cambridge University Press
Herrmann M, May A (2010) Maximizing small root bounds by linearization and applications to small secret exponent RSA. In: LNCS of PKC. pp 53–69. https://doi.org/10.1007/978-3-642-13013-7_4
Hinek MJ (2009) Cryptanalysis of RSA and its variants. CRC Press
Hoffstein J, Pipher J, Silverman JH (2008) An Introduction to Mathematical Cryptography, Vol. 1. New York: Springer
Howgrave-Graham N (1997) Finding small roots of univariate modular equations revisited. In: LNCS of Cryptography and Coding. pp 131–142. https://doi.org/10.1007/BFb0024458
Jochemsz E, May A (2006) A strategy for finding roots of multivariate polynomials with new applications in attacking RSA variants. In: LNCS of Advances in Cryptology-ASIACRYPT 2006. pp 267–282. https://doi.org/10.1007/11935230_18
Kumar S, Narasimam C, Pallam Setty S (2012) Generalization of Boneh-Durfee’s attack for arbitrary public exponent RSA. Int J Comput Appl 49:39–42. https://doi.org/10.5120/7880-1190
Lenstra AK, Lenstra HW, Lovász L (1982) Factoring polynomials with rational coefficients. Math Ann 261:513–534. https://doi.org/10.1007/BF01457454
May A (2003) New RSA vulnerabilities using lattice reduction methods (Doctoral dissertation, University of Paderborn)
Nitaj A (2009) Cryptanalysis of RSA using the ratio of the primes. In: AFRICACRYPT 2009. Springer, Berlin, Heidelberg, pp 98–115. https://doi.org/10.1007/978-3-642-02384-2_7
Quisquater J-J, Couvreur C (1982) Fast decipherment algorithm for RSA public key cryptosystem. Electron Lett 18(21):905–907
Rabin MO (1979) Digitalized signatures and public-key functions as intractable as factorization. Massachusetts Inst of Tech Cambridge Lab for Computer Science
Rivest R, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21:120–126. https://doi.org/10.1145/357980.358017
Sun HM, Yang WC, Laih CS (1999) On the design of RSA with short secret exponent. In: International Conference on the Theory and Application of Cryptology and Information Security. Springer, Berlin, Heidelberg, pp 150–164
Takagi T (2004) A fast RSA-type public-key primitive modulo \(p^kq\) using Hensel lifting. IEICE Trans Fundam Electron Commun Comput Sci 87(1):94–101
Weger BD (2002) Cryptanalysis of RSA with small prime difference. Appl Algebra Eng Commun Comput 13(1):17–28
Wiener M (1990) Cryptanalysis of short RSA secret exponents. IEEE Trans Inf Theory 36:553–558. https://doi.org/10.1109/18.54902
Funding
The research was supported by Mediterranea University of Reggio Calabria (UNIRC) Research Grant (UPM/INSPEM/700-3/1/GERAN ANTARABA NGSA/6380071-10065). The present research was partially supported by the Putra Grant with Project Number GP-IPS/2018/9657300.
Cite this article
Nitaj, A., Ariffin, M.R.K., Adenan, N.N.H. et al. Exponential increment of RSA attack range via lattice based cryptanalysis. Multimed Tools Appl 81, 36607–36622 (2022). https://doi.org/10.1007/s11042-021-11335-8
DOI: https://doi.org/10.1007/s11042-021-11335-8