Partial Key Exposure Attack on Unbalanced RSA with small CRT exponent

    ,
Vol. 14, No. 5, pp. 135-140, Oct. 2004
10.13089/JKIISC.2004.14.5.135, Full Text:
Keywords: CRT, unbalanced RSA, partial key exposure attack, Coppersmith theorem
Abstract

In Crypto 2002 May analyzed the relation between the size of two primes and private key in unbalanced RSA with small CRT exponent. Also in Crypto 2003 he showed that if $N^{1}$4/ amount of most significant bits(least significant bits) of $d_{p}$ is exposed in balanced RSA with CRT, N can be factored. To prove this he used Howgrave-Graham's Theorem. In this paper we show that if $N^{1}$4/ amount of $d_{p}$ , p is smaller than q, and bigger than $N^{0.382}$ to avoid May's attack, is exposed in unbalanced RSA with small CRT exponent, it is enough to expose $d_{p}$ . We use Coppersmith's theorem with unbalanced primes.s.

Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
이희정, "Partial Key Exposure Attack on Unbalanced RSA with small CRT exponent," Journal of The Korea Institute of Information Security and Cryptology, vol. 14, no. 5, pp. 135-140, 2004. DOI: 10.13089/JKIISC.2004.14.5.135.

[ACM Style]
이희정. 2004. Partial Key Exposure Attack on Unbalanced RSA with small CRT exponent. Journal of The Korea Institute of Information Security and Cryptology, 14, 5, (2004), 135-140. DOI: 10.13089/JKIISC.2004.14.5.135.