RSA Vulnerabilities with Small Prime Difference
The security of the RSA cryptosystem is based on the assumption that recovering the private key from a public pair is a hard task. However, if the private key is smaller than some bound the system is considered to be insecure. An RSA modulus with a small difference of its prime factors also significantly reduces the overall security. We show that the bound on small private key with respect to small prime difference can be further improved. Therefore, we adapt the technique of unravelled linearization for constructing lattices and although the adapted unravelled linearization is only a method for generating lattices in more elegant way, we yield a benefit compared to known bounds.
KeywordsRSA unravelled linearization prime difference small secret exponent
Unable to display preview. Download preview PDF.
- 1.Boneh, D., Durfee, G.: Cryptanalysis of RSA with Private Key d Less than N 0.292. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 1–11. Springer, Heidelberg (1999)Google Scholar
- 7.Howgrave-Graham, N.: Finding Small Roots of Univariete Modular Equations Revisited. In: Möhring, R.H. (ed.) WG 1997. LNCS, vol. 1335, pp. 131–142. Springer, Heidelberg (1997)Google Scholar
- 10.The PARI Group, Bordeaux: PARI//GP, version 2.5.0 (2011), http://pari.math.u-bordeaux.fr
- 11.Shoup, V.: NTL: A Library for Doing Number Theory (2003), http://www.shoup.net/ntl
- 12.Schnorr, C.P.: Block Korkin-Zolotarev Bases and Succesiva Minima (1996)Google Scholar