Skip to main content

Extending Wiener’s Attack in the Presence of Many Decrypting Exponents

Part of the Lecture Notes in Computer Science book series (LNCS,volume 1740)

Abstract

Wiener has shown that when the RSA protocol is used with a decrypting exponent, d, which is less than N 1/4 and an encrypting exponent, e, approximately the same size as N, then d can usually be found from the continued fraction approximation of e/N. We extend this attack to the case when there are many ei for a given N, all with small d i . For the case of two such e i , the d i can (heuristically) be as large as N 5/14 and still be efficiently recovered. As the number of encrypting exponents increases the bound on the d i , which enables efficient recovery of the d i , increases (slowly) to N 1-∈. However, the complexity of our method is exponential in the number of exponents present, and therefore only practical for a relatively small number of them.

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/3-540-46701-7_14
  • Chapter length: 14 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   64.99
Price excludes VAT (USA)
  • ISBN: 978-3-540-46701-4
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   84.99
Price excludes VAT (USA)

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  • B. D. Boneh, “Twenty years of attacks on RSA”, Notices of the AMS Vol. 46, pp. 203–213, 1999.

    MATH  MathSciNet  Google Scholar 

  • BD. D. Boneh, G. Durfee, “New results on the cryptanalysis of low exponent RSA”, to appear in Proc. of EUROCRYPT’ 99.

    Google Scholar 

  • D. J. M. DeLaurentis, “A further weakness in the common modulus protocol for the RSA cryptoalgorithm”, Cryptologia Vol. 8, pp. 253–259, 1984.

    CrossRef  MathSciNet  Google Scholar 

  • G. C. R. Guo, “An application of diophantine approximation in computer security”, to appear in Mathematics of Computation.

    Google Scholar 

  • HW. G. H. Hardy, E. M. Wright, An introduction to the theory of numbers, 5th edn., Oxford University Press, 1979.

    Google Scholar 

  • LLL. A. K. Lenstra, H. W. Lenstra, L. Lovasz, “Factoring polynomials with integer coefficients”, Mathematische Annalen Vol. 261, pp. 513–534, 1982.

    CrossRef  MathSciNet  Google Scholar 

  • M. J. H. Moore, “Protocol failures in cryptosystems”, in G. J. Simmons (ed.), Contemporary Cryptology, IEEE Press, 1992.

    Google Scholar 

  • RSA. R. L. Rivest, A. Shamir, L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems”, Commun. ACM Vol. 21, pp. 120–126, 1978.

    MATH  CrossRef  MathSciNet  Google Scholar 

  • Sh. V. Shoup, “Number Theory Library (NTL)”, http://www.cs.wisc.edu/~shoup.ntl.

  • Si. G. J. Simmons, “A `weak’ privacy protocol using the RSA cryptalgorithm”, Cryptologia Vol. 7, pp. 180–182, 1983.

    MATH  CrossRef  Google Scholar 

  • VvT. E. R. Verheul, H. C. A. van Tilborg, “Cryptanalysis of `Less Short’ RSA secret exponents”, Applicable Algebra in Engeneering, Communication and Computing Vol. 8, pp. 425–435, 1997.

    MATH  CrossRef  Google Scholar 

  • W. M. Wiener, “Cryptanalysis of short RSA exponents”, IEEE Trans. on Information Theory Vol. 36, pp. 553–558, 1990.

    MATH  CrossRef  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Rights and permissions

Reprints and Permissions

Copyright information

© 1999 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Howgrave-Graham, N., Seifert, JP. (1999). Extending Wiener’s Attack in the Presence of Many Decrypting Exponents. In: Secure Networking — CQRE [Secure] ’ 99. CQRE 1999. Lecture Notes in Computer Science, vol 1740. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46701-7_14

Download citation

  • DOI: https://doi.org/10.1007/3-540-46701-7_14

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-66800-8

  • Online ISBN: 978-3-540-46701-4

  • eBook Packages: Springer Book Archive