Fast RSA-type cryptosystem modulo pkq

  • Tsuyoshi Takagi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1462)


We propose a cryptosystem modulo p k q based on the RSA cryptosystem. We choose an appropriate modulus p k q which resists two of the fastest factoring algorithms, namely the number field sieve and the elliptic curve method. We also apply the fast decryption algorithm modulo p k proposed in [22]. The decryption process of the proposed cryptosystems is faster than the RSA cryptosystem using Chinese remainder theorem, known as the Quisquater-Couvreur method [17]. For example, if we choose the 768-bit modulus p 2 q for 256-bit primes p and q, then the decryption process of the proposed cryptosystem is about 3 times faster than that of RSA cryptosystem using Quisquater-Couvreur method.

Key words

RSA cryptosystem Quisquater-Couvreur method fast decryption factoring algorithm 


  1. 1.
    L. M. Adleman and K. S. McCurley,“Open problems in number theoretic complexity, II” proceedings of ANTS-I, LNCS 877, (1994), pp.291–322.MATHMathSciNetGoogle Scholar
  2. 2.
    G. R. Blakley and I. Borosh, “Rivest-Shamir-Adleman public key cryptosystems do not always conceal messages,” Comput. & Maths. with Appls., 5, (1979), pp.169–178.MATHMathSciNetCrossRefGoogle Scholar
  3. 3.
    D. Coppersmith, M. Franklin, J. Patarin and M. Reiter, “Low-exponent RSA with related messages,” Advances in Cryptology — EUROCRYPT '96, LNCS 1070, (1996), pp.1–9.Google Scholar
  4. 4.
    D. Coppersmith, “Finding a small root of a univariate modular equation,” Advances in Cryptology — EUROCRYPT '96, LNCS 1070, (1996), pp.155–165.MathSciNetGoogle Scholar
  5. 5.
    J. Cowie, B. Dodson, R. Elkenbracht-Huizing, A. K. Lenstra, P. L. Montgomery, J. Zayer; “A world wide number field sieve factoring record: on to 512 bits,” Advances in Cryptology — ASIACRYPT '96, LNCS 1163, (1996), pp.382–394.MATHMathSciNetGoogle Scholar
  6. 6.
    J. Håstad, “Solving simultaneous modular equations of low degree,” SIAM Journal of Computing, 17, (1988), pp.336–341.MATHCrossRefGoogle Scholar
  7. 7.
    B. S. Kaliski Jr. and M. Robshaw, “Secure use of RSA,” CRYPTOBYTES, 1 (3), (1995), pp.7–13.Google Scholar
  8. 8.
    ECMNET Project; Scholar
  9. 9.
    D. Hühnlein, M. J. Jacobson, S. Paulus, and T. Takagi, “A cryptosystem based on non-maximal imaginary quadratic orders with fast decryption.” Advances in Cryptology — EUROCRYPT '98, LNCS 1403, (1998), pp.294–307.MATHGoogle Scholar
  10. 10.
    H. W. Lenstra, Jr., “Factoring integers with elliptic curves”, Annals of Mathematics, 126, (1987), pp.649–673.MATHMathSciNetCrossRefGoogle Scholar
  11. 11.
    A. K. Lenstra and H. W. Lenstra, Jr. (Eds.), “The development of the number field sieve,” Lecture Notes in Mathematics, 1554, Springer, (1991).Google Scholar
  12. 12.
    U. M. Maurer; “Fast generation of prime numbers and secure public-key cryptographic parameters,” Journal of Cryptology, Vol.8, (1995), pp.123–155.MATHMathSciNetCrossRefGoogle Scholar
  13. 13.
    A. J. Menezes, P. C. van Oorschot and S. A. Vanstone, “Handbook of applied cryptography,” CRC Press, (1996).Google Scholar
  14. 14.
    T. Okamoto, “A fast signature scheme based on congruential polynomial operations,” IEEE Transactions on Information Theory, IT-36, (1990), pp.47–53.MathSciNetCrossRefGoogle Scholar
  15. 15.
    T. Okamoto and S. Uchiyama; “A new public-key cryptosystem as secure as factoring,” Advances in Cryptology — EUROCRYPT '98, LNCS 1403, (1998), pp.308–318.MATHMathSciNetGoogle Scholar
  16. 16.
    R. Peralta and E. Okamoto, “Faster factoring of integers of a special form,” IEICE Trans. Fundamentals, Vol.E79-A, No.4, (1996), pp.489–493.Google Scholar
  17. 17.
    J.-J. Quisquater and C. Couvreur, “Fast decipherment algorithm for RSA public-key cryptosystem,” Electronic Letters, 18, (1982), pp.905–907.Google Scholar
  18. 18.
    M. O. Rabin, “Digitalized signatures and public-key functions as intractable as factorization”, Technical Report No.212, MIT, Laboratory of Computer Science, Cambridge (1979), pp.1–16.Google Scholar
  19. 19.
    R. Rivest, A. Shamir and L. M. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” Communications of the ACM, 21(2), (1978), pp.120–126.MATHMathSciNetCrossRefGoogle Scholar
  20. 20.
    R. Rivest and R. D. Silverman, “Are 'strong’ primes needed for RSA,” The 1997 RSA Laboratories Seminar Series, Seminars Proceedings, (1997).Google Scholar
  21. 21.
    A. Shamir; “RSA for paranoids,” CryptoBytes, 1, Autumn, (1995), pp. 1–4.MATHGoogle Scholar
  22. 22.
    T. Takagi, “Fast RSA-type cryptosystem using n-adic expansion,” Advances in Cryptology — CRYPTO '97, LNCS 1294, (1997), pp.372–384.MATHMathSciNetGoogle Scholar
  23. 23.
    E. R. Verheul and H. C. A. van Tilborg, “Cryptanalysis of ‘less short’ RSA secret exponents,” Applicable Algebra in Engineering, Communication and Computing, 8, (1997), pp.425–435.MATHMathSciNetCrossRefGoogle Scholar
  24. 24.
    M. J. Wiener, “Cryptanalysis of short RSA secret exponents,” IEEE Transactions on Information Theory, IT-36, (1990), pp.553–558.MathSciNetCrossRefGoogle Scholar
  25. 25.
    H. C. Williams and B. Schmid, “Some remarks concerning the M.I.T. public-key cryptosystem,” BIT 19, (1979), pp.525–538.MATHMathSciNetCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Tsuyoshi Takagi
    • 1
  1. 1.NTT Software LaboratoriesTokyoJapan

Personalised recommendations