Paillier's cryptosystem revisited
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Some facets of complexity theory and cryptography: A five-lecture tutorial
ACM Computing Surveys (CSUR)
On the Security of the Digital Signature Algorithm
Designs, Codes and Cryptography
On Some Attacks on Multi-prime RSA
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
Cryptanalysis of Unbalanced RSA with Small CRT-Exponent
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Approximate Integer Common Divisors
CaLC '01 Revised Papers from the International Conference on Cryptography and Lattices
Low Secret Exponent RSA Revisited
CaLC '01 Revised Papers from the International Conference on Cryptography and Lattices
On the uniformity of distribution of the decryption exponent in fixed encryption exponent RSA
Information Processing Letters
Speeding up Exponentiation using an Untrusted Computational Resource
Designs, Codes and Cryptography
Improving secure server performance by re-balancing SSL/TLS handshakes
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Certification of the QR factor R and of lattice basis reducedness
Proceedings of the 2007 international symposium on Symbolic and algebraic computation
Toward a Rigorous Variation of Coppersmith's Algorithm on Three Variables
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Estimating the Prime-Factors of an RSA Modulus and an Extension of the Wiener Attack
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Revisiting Wiener's Attack --- New Weak Keys in RSA
ISC '08 Proceedings of the 11th international conference on Information Security
A New Class of Weak Encryption Exponents in RSA
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Cryptanalysis of Short Exponent RSA with Primes Sharing Least Significant Bits
CANS '08 Proceedings of the 7th International Conference on Cryptology and Network Security
Solving Linear Equations Modulo Divisors: On Factoring Given Any Bits
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A New Lattice Construction for Partial Key Exposure Attack for RSA
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Improved Partial Key Exposure Attacks on RSA by Guessing a Few Bits of One of the Prime Factors
Information Security and Cryptology --- ICISC 2008
Partial Key Exposure Attack on CRT-RSA
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Trading decryption for speeding encryption in Rebalanced-RSA
Journal of Systems and Software
Cryptanalysis of RSA with more than one decryption exponent
Information Processing Letters
A polynomial time attack on RSA with private CRT-exponents smaller than N^0.073
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Small secret key attack on a variant of RSA (due to Takagi)
CT-RSA'08 Proceedings of the 2008 The Cryptographers' Track at the RSA conference on Topics in cryptology
Speeding-up lattice reduction with random projections
LATIN'08 Proceedings of the 8th Latin American conference on Theoretical informatics
Factoring unbalanced moduli with known bits
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Low-cost client puzzles based on modular exponentiation
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Publishing upper half of RSA decryption exponent
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
Traitor tracing schemes for protected software implementations
Proceedings of the 11th annual ACM workshop on Digital rights management
Security analysis of an RSA key generation algorithm with a large private key
ISC'11 Proceedings of the 14th international conference on Information security
A partial key exposure attack on RSA using a 2-dimensional lattice
ISC'06 Proceedings of the 9th international conference on Information Security
On the provable security of an efficient RSA-Based pseudorandom generator
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Cryptanalysis of timestamp-based password authentication schemes using smart cards
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Another look at small RSA exponents
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
On the randomness of bits generated by sufficiently smooth functions
ANTS'06 Proceedings of the 7th international conference on Algorithmic Number Theory
Modelling the LLL algorithm by sandpiles
LATIN'10 Proceedings of the 9th Latin American conference on Theoretical Informatics
Converse results to the Wiener attack on RSA
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
A tool kit for finding small roots of bivariate polynomials over the integers
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Partial key exposure attacks on RSA up to full size exponents
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
New attacks on RSA with small secret CRT-Exponents
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Efficient CRT-RSA decryption for small encryption exponents
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Reducing the key size of rainbow using non-commutative rings
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Partial key exposure: generalized framework to attack RSA
INDOCRYPT'11 Proceedings of the 12th international conference on Cryptology in India
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Transaction-based authentication and key agreement protocol for inter-domain VoIP
Journal of Network and Computer Applications
Cryptanalysis of RSA with a small parameter
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
An efficient certified email protocol
ISC'07 Proceedings of the 10th international conference on Information Security
Small private-exponent attack on RSA with primes sharing bits
ISC'07 Proceedings of the 10th international conference on Information Security
On optimal bounds of small inverse problems and approximate GCD problems with higher degree
ISC'12 Proceedings of the 15th international conference on Information Security
Side channel attack to actual cryptanalysis: breaking CRT-RSA with low weight decryption exponents
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Cryptanalysis of multi-prime RSA with small prime difference
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Cryptanalytic results on `Dual CRT' and `Common Prime' RSA
Designs, Codes and Cryptography
On the improvement of Fermat factorization
NSS'12 Proceedings of the 6th international conference on Network and System Security
Security pitfalls of an efficient threshold proxy signature scheme for mobile agents
Information Processing Letters
On the improvement of Fermat factorization using a continued fraction technique
Future Generation Computer Systems
We show that if the private exponent d used in the RSA (Rivest-Shamir-Adleman (1978)) public-key cryptosystem is less than N^0.292 then the system is insecure. This is the first improvement over an old result of Wiener (1990) showing that when d is less than N^0.25 the RSA system is insecure. We hope our approach can be used to eventually improve the bound to d less than N^0.5.