Reduction in Lossiness of RSA Trapdoor Permutation
We consider the lossiness of RSA trapdoor permutation studied by Kiltz, O’Neill and Smith in Crypto 2010. In Africacrypt 2011, Herrmann improved the cryptanalytic results of Kiltz et al. In this paper, we improve the bound provided by Herrmann, considering the fact that the unknown variables in the central modular equation of the problem are not balanced. We provide detailed experimental results to justify our claim. It is interesting that in many situations, our experimental results are better than our theoretical predictions. Our idea also extends the weak encryption exponents proposed by Nitaj in Africacrypt 2012.
KeywordsMulti-Prime Φ-Hiding Problem Lattice Modular Equation
Unable to display preview. Download preview PDF.
- 5.Howgrave-Graham, N.: Finding Small Roots of Univariate Modular Equations Revisited. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 131–142. Springer, Heidelberg (1997)Google Scholar