A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Cryptography: Theory and Practice
Cryptography: Theory and Practice
An Advantage of Low-Exponent RSA with Modulus Primes Sharing Least Significant Bits
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Cryptanalysis of Unbalanced RSA with Small CRT-Exponent
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of the RSA Schemes with Short Secret Exponent from Asiacrypt '99
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Unbelievable Security. Matching AES Security Using Public Key Systems
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Finding Small Roots of Univariate Modular Equations Revisited
Proceedings of the 6th IMA International Conference on Cryptography and Coding
Low Secret Exponent RSA Revisited
CaLC '01 Revised Papers from the International Conference on Cryptography and Lattices
Cryptanalysis of RSA with private key d less than N0.292
IEEE Transactions on Information Theory
Factorization of Square-Free Integers with High Bits Known
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Factorization of square-free integers with high bits known
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Cryptanalysis of multi-prime RSA with small prime difference
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
| Hi-index | 0.00 |
Using more than two factors in the modulus of the RSA cryptosystem has the arithmetic advantage that the private key computations can be speeded up using Chinese remaindering. At the same time, with a proper choice of parameters, one does not have to work with a larger modulus to achieve the same level of security in terms of the difficulty of the integer factorization problem. However, numerous attacks on specific instances on the RSA cryptosystem are known that apply if, for example, the decryption or encryption exponent are chosen too small, or if partial knowledge of the private key is available. Little work is known on how such attacks perform in the multi-prime case. It turns out that for most of these attacks it is crucial that the modulus contains exactly two primes. They become much less effective, or fail, when the modulus factors into more than two distinct primes.