Toward a Rigorous Variation of Coppersmith's Algorithm on Three Variables

Authors:
Aurélie Bauer;Antoine Joux
Affiliations:
Université de Versailles Saint-Quentin-en-Yvelines, Laboratoire PRISM, 45, Avenue des Etats-Unis, 78035 Versailles cedex, France;DGA, and Université de Versailles Saint-Quentin-en-Yvelines, Laboratoire PRISM, 45, Avenue des Etats-Unis, 78035 Versailles cedex, France
Venue:
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Year:
2007

Citing 9
Cited 2

Finding Small Roots of Univariate Modular Equations Revisited

Proceedings of the 6th IMA International Conference on Cryptography and Coding
Approximate Integer Common Divisors

CaLC '01 Revised Papers from the International Conference on Cryptography and Lattices
Finding Small Solutions to Small Degree Polynomials

CaLC '01 Revised Papers from the International Conference on Cryptography and Lattices
Low Secret Exponent RSA Revisited

CaLC '01 Revised Papers from the International Conference on Cryptography and Lattices
Finding a small root of a univariate modular equation

EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Finding a small root of a bivariate integer equation; factoring with high bits known

EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
A tool kit for finding small roots of bivariate polynomials over the integers

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Partial key exposure attacks on RSA up to full size exponents

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Cryptanalysis of RSA with private key d less than N0.292

IEEE Transactions on Information Theory

Factoring unbalanced moduli with known bits

ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Inferring sequences produced by nonlinear pseudorandom number generators using coppersmith's methods

PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

In 1996, Coppersmith introduced two lattice reduction based techniques to find small roots in polynomial equations. One technique works for modular univariate polynomials, the other for bivariate polynomials over the integers. Since then, these methods have been used in a huge variety of cryptanalytic applications. Some applications also use extensions of Coppersmith's techniques on more variables. However, these extensions are heuristic methods. In the present paper, we present and analyze a new variation of Coppersmith's algorithm on three variables over the integers. We also study the applicability of our method to short RSA exponents attacks. In addition to lattice reduction techniques, our method also uses Gröbner bases computations. Moreover, at least in principle, it can be generalized to four or more variables.