Abstract
Let \(N_{1} = p_{1}q_{1}\) and \(N_{2} = p_{2}q_{2}\) be two RSA moduli, not necessarily of the same bit-size. In 2009, May and Ritzenhofen proposed a method to factor \(N_{1}\) and \(N_{2}\) given the implicit information that \(p_{1}\) and \(p_{2}\) share an amount of least significant bits. In this paper, we propose a generalization of their attack as follows: suppose that some unknown multiples \(a_{1}p_{1}\) and \(a_{2}p_{2}\) of the prime factors \(p_{1}\) and \(p_{2}\) share an amount of their Most Significant Bits (MSBs) or an amount of their Least Significant Bits (LSBs). Using a method based on the continued fraction algorithm, we propose a method that leads to the factorization of \(N_{1}\) and \(N_{2}\). Using simultaneous diophantine approximations and lattice reduction, we extend the method to factor \(k\ge 3\) RSA moduli \(N_{i}=p_{i}q_{i}, i=1,\ldots ,k\) given the implicit information that there exist unknown multiples \(a_{1}p_{1}, \ldots , a_kp_k\) sharing an amount of their MSBs or their LSBs. Also, this paper extends many previous works where similar results were obtained when the \(p_{i}\)’s share their MSBs or their LSBs.
Similar content being viewed by others
References
Faugère, J-C., Marinier, R., Renault, G.: Implicit factoring with shared most significant and middle bits. In: Nguyen, P.Q., Pointcheval, D. (eds.) Public Key Cryptography, Lecture Notes in Computer Science, vol. 6056, pp. 70–87. Springer, Berlin (2010)
Hardy, G.H., Wright, E.M.: An Introduction to the Theory of Numbers. Oxford University Press, London (1975)
Kurosawa, K., Ueda, T.: How to factor \(N_{1}\) and \(N_{2}\) when \(p_{1}=p_{2} ~(\text{ mod } \,\, 2^t)\). In: Sakiyama, K., Terada, M. (eds.) IWSEC 2013, Lecture Notes in Computer Science, vol. 8231, pp. 217–225. Springer, Berlin (2013)
Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 513–534 (1982)
May, A., M. Ritzenhofen, R.: Implicit factoring: On polynomial time factoring given only an implicit hint. In: Stanislaw J., Gene T. (eds.) Public Key Cryptography, Lecture Notes in Computer Science, vol. 5443, pp. 1–14. Springer, Berlin (2009)
Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21, 120–126 (1978)
Shamir, A.: RSA Laboratories CryptoBytes. RSA Paranoids 1, 3–4 (1995)
Sarkar, S., Maitra, S.: Further results on implicit factoring in polynomial time. Adv. Math. Commun. 3, 205–217 (2009)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Nitaj, A., Ariffin, M.R.K. Implicit factorization of unbalanced RSA moduli. J. Appl. Math. Comput. 48, 349–363 (2015). https://doi.org/10.1007/s12190-014-0806-1
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12190-014-0806-1