Small solutions to polynomial equations, and low exponent RSA vulnerabilities

DOI10.1007/s001459900030zbMath0912.11056OpenAlexW2101040389WikidataQ54136651 ScholiaQ54136651MaRDI QIDQ1382143

Publication date: 16 May 1999

Published in: Journal of Cryptology (Search for Journal in Brave)

Full work available at URL: https://doi.org/10.1007/s001459900030

zbMATH Keywords

RSA polynomials small solutions factoring lattice basis reduction integer roots modular polynomial equation

Mathematics Subject Classification ID

Cryptography (94A60) Number-theoretic algorithms; complexity (11Y16) Factorization (11Y05)

Related Items (only showing first 100 items - show all)

An efficient and secure RSA-like cryptosystem exploiting Rédei rational functions over conics ⋮ SoK: how (not) to design and implement post-quantum cryptography ⋮ (EC)DSA lattice attacks based on Coppersmith's method ⋮ A Unified Framework for Small Secret Exponent Attack on RSA ⋮ Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting ⋮ Towards faster polynomial-time lattice reduction ⋮ Factoring multi-power RSA moduli with primes sharing least or most significant bits ⋮ Trapdoor DDH groups from pairings and isogenies ⋮ Cryptanalysis of a public key cryptosystem based on Diophantine equations via weighted LLL reduction ⋮ Cryptanalysis of an RSA variant with moduli \(N=p^r q^l\) ⋮ A note on the bivariate Coppersmith theorem ⋮ Attacking RSA with a Composed Decryption Exponent Using Unravelled Linearization ⋮ New Multilinear Maps Over the Integers ⋮ Cryptanalysis of the Co-ACD Assumption ⋮ Classical attacks on a variant of the RSA cryptosystem ⋮ Factoring RSA moduli with primes sharing bits in the middle ⋮ Cryptanalysis of RSA variants with primes sharing most significant bits ⋮ Recovering zeros of polynomials modulo a prime ⋮ Acoustic cryptanalysis ⋮ Efficient cryptosystems from \(2^k\)-th power residue symbols ⋮ Approximate divisor multiples -- factoring with only a third of the secret CRT-exponents ⋮ A quasi quadratic time algorithm for hyperelliptic curve point counting ⋮ Instantiability of RSA-OAEP under chosen-plaintext attack ⋮ Revisiting approximate polynomial common divisor problem and noisy multipolynomial reconstruction ⋮ Partial Key Exposure Attack on CRT-RSA ⋮ A generalized attack on RSA type cryptosystems ⋮ Fast rebalanced RSA signature scheme with typical prime generation ⋮ Comment on ``An enhanced and secured RSA public cryptosystem algorithm using Chinese remainder theorem (ESRPKC) ⋮ New Attacks on RSA with Moduli N = p r q ⋮ Factoring RSA Moduli with Weak Prime Factors ⋮ A New Partial Key Exposure Attack on Multi-power RSA ⋮ Improving small private exponent attack on the Murru-Saettone cryptosystem ⋮ Finding shortest lattice vectors faster using quantum search ⋮ Attacking the linear congruential generator on elliptic curves via lattice techniques ⋮ Small secret exponent attack on RSA variant with modulus \(N=p^rq\) ⋮ Cryptanalytic results on `Dual CRT' and `Common Prime' RSA ⋮ Efficient RSA key generation and threshold Paillier in the two-party setting ⋮ Another Generalization of Wiener’s Attack on RSA ⋮ On the modular inversion hidden number problem ⋮ Cryptographic Applications of Capacity Theory: On the Optimality of Coppersmith’s Method for Univariate Polynomials ⋮ A public key cryptosystem based on three new provable problems ⋮ The better bound of private key in RSA with unbalanced primes ⋮ Gradual sub-lattice reduction and a new complexity for factoring polynomials ⋮ How to fake an RSA signature by encoding modular root finding as a SAT problem ⋮ More constructions of lossy and correlation-secure trapdoor functions ⋮ Some lattice attacks on DSA and ECDSA ⋮ Extended partial key exposure attacks on RSA: improvement up to full size decryption exponents ⋮ Factoring multi power RSA moduli with a class of secret exponents ⋮ On oracle factoring of integers ⋮ Recovering a sum of two squares decomposition ⋮ On reducing factorization to the discrete logarithm problem modulo a composite ⋮ A Tool Kit for Partial Key Exposure Attacks on RSA ⋮ An Improved Analysis on Three Variants of the RSA Cryptosystem ⋮ On the security of multi-prime RSA ⋮ Improved Results on Cryptanalysis of Prime Power RSA ⋮ Revisiting Wiener’s Attack – New Weak Keys in RSA ⋮ Further improvement of factoring \(N=p^rq^s\) with partial known bits ⋮ A generalized attack on some variants of the RSA cryptosystem ⋮ Partial key exposure attacks on RSA: achieving the Boneh-Durfee bound ⋮ Implicit Related-Key Factorization Problem on the RSA Cryptosystem ⋮ Cryptanalysis of the RSA variant based on cubic Pell equation ⋮ Application of ECM to a class of RSA keys ⋮ Improved Cryptanalysis of the Multi-Prime φ - Hiding Assumption ⋮ Cryptanalysis of Dual RSA ⋮ Combined Attack on CRT-RSA ⋮ A new method of constructing a lattice basis and its applications to cryptanalyse short exponent RSA ⋮ On the security of RSA with primes sharing least-significant bits ⋮ A new public key cryptosystem based on Edwards curves ⋮ Small CRT-exponent RSA revisited ⋮ Fast LLL-type lattice reduction ⋮ Smallest Reduction Matrix of Binary Quadratic Forms ⋮ Predicting nonlinear pseudorandom number generators ⋮ Cryptanalysis of RSA for a special case with \(d > e\) ⋮ A method for obtaining digital signatures and public-key cryptosystems ⋮ Solving Linear Equations Modulo Divisors: On Factoring Given Any Bits ⋮ Finding small solutions of the equation \(Bx-Ay=z\) and its applications to cryptanalysis of the RSA cryptosystem ⋮ Cryptanalysis of RSA with two decryption exponents ⋮ Partial Key Exposure Attacks on CRT-RSA: Better Cryptanalysis to Full Size Encryption Exponents ⋮ A new attack on RSA with two or three decryption exponents ⋮ An exponent one-fifth algorithm for deterministic integer factorisation ⋮ Improved Partial Key Exposure Attacks on RSA by Guessing a Few Bits of One of the Prime Factors ⋮ Ideal forms of Coppersmith's theorem and Guruswami-Sudan list decoding ⋮ Cryptanalysis of elliptic curve hidden number problem from PKC 2017 ⋮ Towards Optimal Bounds for Implicit Factorization Problem ⋮ Efficient public key encryption with smallest ciphertext expansion from factoring ⋮ Inferring sequences produced by a linear congruential generator on elliptic curves missing high-order bits ⋮ Sufficient conditions for factoring a class of large integers ⋮ Partial Key Exposure Attacks on RSA with Multiple Exponent Pairs ⋮ A New Attack on Three Variants of the RSA Cryptosystem ⋮ Cryptanalysis of RSA Using the Ratio of the Primes ⋮ Algorithm for factoring some RSA and Rabin moduli ⋮ Simplified High-Speed High-Distance List Decoding for Alternant Codes ⋮ Generalized cryptanalysis of small CRT-exponent RSA ⋮ A deterministic algorithm for finding \(r\)-power divisors ⋮ The multi-dimension RSA and its low exponent security ⋮ Fast reduction of algebraic lattices over cyclotomic fields ⋮ Formally verified certificate checkers for hardest-to-round computation ⋮ Revisiting prime power RSA ⋮ A new attack on RSA and Demytko’s elliptic curve cryptosystem ⋮ Forty years of attacks on the RSA cryptosystem: A brief survey

This page was built for publication: Small solutions to polynomial equations, and low exponent RSA vulnerabilities