On using RSA with low exponent in a public key network
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Solving simultaneous modular equations of low degree
SIAM Journal on Computing - Special issue on cryptography
Algorithmic number theory
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
A computational introduction to number theory and algebra
A computational introduction to number theory and algebra
Low-exponent RSA with related messages
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
On the equivalence of RSA and factoring regarding generic ring algorithms
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Security analysis of an RSA key generation algorithm with a large private key
ISC'11 Proceedings of the 14th international conference on Information security
Hi-index | 0.00 |
We address the problem of polynomial time solving univariate modular equations with mutually co-prime moduli. For a given system of equations we determine up to which size the common roots can be calculated efficiently. We further determine the minimum number of equations which suffice for a recovery of all common roots. The result that we obtain is superior to Håstad's original RSA broadcast attack, even if Håstad's method is combined with the best known lattice technique due to Coppersmith. Namely, our reduction uses a slightly different transformation from polynomial systems to a single polynomial. Thus, our improvement is achieved by optimal polynomial modelling rather than improved lattice techniques. Moreover, we show by a counting argument that our results cannot be improved in general. A typical application for our algorithm is an improved attack on RSA with a smaller number of polynomially related messages.