Solving simultaneous modular equations of low degree
SIAM Journal on Computing - Special issue on cryptography
How to break Okamoto's cryptosystem by reducing lattice bases
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Finding Small Roots of Univariate Modular Equations Revisited
Proceedings of the 6th IMA International Conference on Cryptography and Coding
Finding Small Solutions to Small Degree Polynomials
CaLC '01 Revised Papers from the International Conference on Cryptography and Lattices
A New Lattice Construction for Partial Key Exposure Attack for RSA
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Fault Attacks on RSA Signatures with Partially Unknown Messages
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Factoring pq2 with Quadratic Forms: Nice Cryptanalyses
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
The LLL Algorithm: Survey and Applications
The LLL Algorithm: Survey and Applications
Finding a small root of a univariate modular equation
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Cryptanalysis of RSA with private key d less than N0:292
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Solving generalized small inverse problems
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
ANTS'06 Proceedings of the 7th international conference on Algorithmic Number Theory
A tool kit for finding small roots of bivariate polynomials over the integers
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Partial key exposure attacks on RSA up to full size exponents
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
| Hi-index | 0.00 |
We investigate the Coppersmith technique [7] for finding solutions of a univariate modular equation within a range given by range parameter U. This paper provides a way to analyze a general type of limitation of the lattice construction. Our analysis bounds the possible range of U from above that is asymptotically equal to the bound given by the original result of Coppersmith. To show our result, we establish a framework for the technique by following the reformulation of Howgrave-Graham [14], and derive a condition for the technique to work. We then provide a way to analyze a bound of U for achieving the condition. Technically, we show that (i) the original result of Coppersmith achieves an optimal bound for U when constructing a lattice in a standard way. We then show evidence supporting that (ii) a non-standard lattice construction is generally difficult. We also report on computer experiments demonstrating the tightness of our analysis. Some of the detailed arguments are omitted due to the space limit; see the full-version [1].