An identity-based identification scheme based on discrete logarithms modulo a composite number
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Cryptanalysis of Unbalanced RSA with Small CRT-Exponent
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Security and Performance of Server-Aided RSA Computation Protocols
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
An Attack on RSA Given a Small Fraction of the Private Key Bits
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Unbelievable Security. Matching AES Security Using Public Key Systems
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Finding Small Roots of Univariate Modular Equations Revisited
Proceedings of the 6th IMA International Conference on Cryptography and Coding
Low Secret Exponent RSA Revisited
CaLC '01 Revised Papers from the International Conference on Cryptography and Lattices
Cryptanalysis of RSA with private key d less than N0:292
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Converse results to the wiener attack on RSA
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
RSA with balanced short exponents and its application to entity authentication
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Partial key exposure attacks on RSA up to full size exponents
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Cryptanalysis of RSA with private key d less than N0.292
IEEE Transactions on Information Theory
Low-cost client puzzles based on modular exponentiation
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Cryptanalytic results on `Dual CRT' and `Common Prime' RSA
Designs, Codes and Cryptography
On the improvement of fermat factorization
NSS'12 Proceedings of the 6th international conference on Network and System Security
| Hi-index | 0.00 |
In this work we consider a variant of RSA whose public and private exponents can be chosen significantly smaller than in typical RSA. In particular, we show that it is possible to have private exponents smaller than N1/4 which are resistant to all known small private exponent attacks. This allows for instances of RSA with short CRT-exponents and short public exponents. In addition, the number of bits required to store the private key information can be significantly reduced in this variant.