The multi-variable modular polynomial and its applications to cryptography
We prove the extension of the Håstad algorithm to the multi-variable modular polynomial. Although the Håstad attack is one of the strongest known attacks on RSA-type cryptosystems, the original Håstad attack is generally not applicable to multi-variable cryptosystems, where the plain text space (the encryption domain) is multi-variable. As an application of our extension, we attack RSA-type cryptosystems over elliptic curves and show the critical number of encrypted texts.