Protocol failures for RSA-like functions using Lucas sequences and elliptic curves

  • Marc Joye
  • Jean-Jacques Quisquater
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1189)

Abstract

We show that the cryptosystems based on Lucas sequences and on elliptic curves over a ring are insecure when a linear relation is known between two plaintexts that are encrypted with a “small” public exponent. This attack is already known for the classical RSA system, but the proofs and the results here are different.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Alfred V. Aho, John E. Hopcropft, and Jeffrey D. Ullman. The design and analysis of computer programming. Addison-Wesley, 1974.Google Scholar
  2. 2.
    Daniel Bleichenbacher, Wieb Bosma, and Arjen K. Lenstra. Some remarks on Lucas-based cryptosystems. In D. Coppersmith, editor, Advances in Cryptology — Crypto '95, vol. 963 of Lectures Notes in Computer Science, pp. 386–396, Springer-Verlag, 1995.Google Scholar
  3. 3.
    David M. Bressoud. Factorization and primality testing. Undergraduate Texts in Mathematics, Springer-Verlag, 1989.Google Scholar
  4. 4.
    Henri Cohen. A course in computational algebraic number theory. Number 138 in Graduate Texts in Mathematics. Springer-Verlag. 1993.Google Scholar
  5. 5.
    Don Coppersmith. Finding a small root of an univariate modular equation. IBM Research Report, RC 20223, Nov. 1995.Google Scholar
  6. 6.
    Don Coppersmith, Matthew Franklin, Jacques Patarin, and Michael Reiter. Low exponent RSA with related messages. To appear in Eurocrypt '96.Google Scholar
  7. 7.
    N. Demytko. A new elliptic curve based analogue of RSA. In T. Helleseth, editor, Advances in Cryptology — Eurocrypt '95, volume 765 of Lectures Notes in Computer Science pages 40–49. Springer-Verlag, 1993.Google Scholar
  8. 8.
    Whitfield Diffie, and Martin E. Hellman. New directions in Cryptography. IEEE Trans. on Information Theory, vol. IT-26, no. 6, pp. 644–654, Nov. 1976.Google Scholar
  9. 9.
    Matthew K. Franklin, and Michael K. Reiter. A linear protocol failure for RSA with exponent three. Preliminary note for Crypto '95 rump session.Google Scholar
  10. 10.
    Johan Håstad. On using RSA with low exponent in a public key network. In H.C. Williams, editor, Advances in Cryptology — Crypto '85, vol. 218 of Lectures Notes in Computer Science, pp. 404–408, Springer-Verlag, 1986.Google Scholar
  11. 11.
    Dale Husemöller. Elliptic curves. Number 111 in Graduate Texts in Mathematics. Springer-Verlag, 1987.Google Scholar
  12. 12.
    Marc Joye, and Jean-Jacques Quisquater. Protocol failures for RSA-like functions using Lucas sequences and elliptic curves. UCL Crypto Group Technical Report, CG-1995/4, Dec. 1995.Google Scholar
  13. 13.
    Burton S. Kaliski, Jr. A chosen attack on Demytko's elliptic curve cryptosystem. To appear in Journal of Cryptology.Google Scholar
  14. 14.
    Donald E. Knuth. The art of computer programming: Volume 2/Seminumerical algorithms. 2nd ed., Reading, MA, Addison-Wesley Publishing Company, 1981.Google Scholar
  15. 15.
    Neal Koblitz. A course in number theory and Cryptography. Number 114 in Graduate Texts in Mathematics. Springer-Verlag, 2nd edition, 1994.Google Scholar
  16. 16.
    Kenji Koyama, Ueli M. Maurer. Tatsuaki Okamoto, and Scott A. Vanstone. New public-key schemes based on elliptic curves over the ring ℤn. In J. Feigenbaum, editor, Advances in Cryptology — Crypto '91, volume 576 of Lectures Notes in Computer Science, pages 252–266. Springer-Verlag, 1991.Google Scholar
  17. 17.
    H. Kuwakado, and K. Koyama. Security of RSA-type cryptosystems over elliptic curves against Håstad attack. Electronics Letters, vol. 30, no. 22, pp. 1843–1844, Oct. 1994.CrossRefGoogle Scholar
  18. 18.
    C.-S. Laih, F-K. Tu, and W.-C. Tai. Remarks on LUC public key system. Electronics Letters, vol. 30, no. 2, pp. 123–124, Jan. 1994.CrossRefGoogle Scholar
  19. 19.
    Chi-Sung Laih, Fu-Kuan Tu, and Wen-Chung Tai. On the security of the Lucas function. Informations Processing Letters 53, pp. 243–247, 1995.CrossRefGoogle Scholar
  20. 20.
    Alfred Menezes, Minghua Qu, and Scott Vanstone. Standard for RSA, DiffieHellman and related public-key cryptography. Working draft of IEEE P1363 Standard, chapter 6, April 1995.Google Scholar
  21. 21.
    Alfred J. Menezes. Elliptic curve public key Cryptosystems. Kluwer Academic Publishers, 1993.Google Scholar
  22. 22.
    Winfried B. Müller, and Rupert Nöbauer. Some remarks on public-key cryptosystems. Sci. Math. Hungar., vol. 16, pp. 71–76, 1981.Google Scholar
  23. 23.
    Winfried B. Müller, and Rupert Nöbauer. Cryptanalysis of the Dickson-scheme. In F. Pichler, editor, Advances in Cryptology — Eurorypt '85, vol. 219 of Lectures Notes in Computer Science, pp. 50–61, Springer-Verlag, 1986.Google Scholar
  24. 24.
    S. Murphy. Remarks on the LUC public key system. Electronics Letters, vol. 30, no, 7, pp. 558–559, March 1994.CrossRefGoogle Scholar
  25. 25.
    Jacques Patarin. Some serious protocol failures for RSA with exponent e of less than-32 bits. Presented at the conference of cryptography, CIRM Luminy, France, 25–29 Sept. 1995.Google Scholar
  26. 26.
    R.G.E. Pinch. Extending the Håstad attack to LUC. Electronics Letters, vol. 31, no. 21, pp. 1827–1828, Oct. 1995.CrossRefGoogle Scholar
  27. 27.
    Paulo Ribenboim. The little book of big primes. Springer-Verlag, 1991.Google Scholar
  28. 28.
    Hans Riesel. Prime numbers and computers methods for factorization. Progress in Mathematics, vol. 57, Birkhäuser, 1985.Google Scholar
  29. 29.
    R. L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21, pp. 120–126, 1978.CrossRefGoogle Scholar
  30. 30.
    Joseph H. Silverman. The arithmetic of elliptic curves. Number 106 in Graduate Texts in Mathematics. Springer-Verlag, 1986.Google Scholar
  31. 31.
    Peter J. Smith, and Michael J. J. Lennon. LUC: A new public key system. In E. G. Douglas, editor, Ninth IFIP Symposium on Computer Security, pp. 103–117. Elsevier Science Publishers, 1993.Google Scholar
  32. 32.
    Peter Smith. LUC public-key encryption. Dr. Dobb's Journal, pp. 44–49, Jan. 1993.Google Scholar

Copyright information

© Springer-Verlag 1997

Authors and Affiliations

  • Marc Joye
    • 1
  • Jean-Jacques Quisquater
    • 2
  1. 1.UCL Crypto Group, Dép. de MathématiqueUniversité de Louvain Chemin du CyclotronLouvain-la-NeuveBelgium
  2. 2.UCL Crypto Group, Dép. d'ÉlectricitéUniversité de Louvain Place du LevantLouvain-la-NeuveBelgium

Personalised recommendations