On the Security of RSA with Primes Sharing Least-Significant Bits

Authors:
Ron Steinfeld;Yuliang Zheng
Affiliations:
Macquarie University, Department of Computing, 2109, North Ryde, NSW, Australia;University of North Carolina at Charlotte, Department of Software and Information Systems, 28223, Charlotte, NC, USA
Venue:
Applicable Algebra in Engineering, Communication and Computing
Year:
2004

Citing 0
Cited 4

On the Improvement of the BDF Attack on LSBS-RSA

ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Cryptanalysis of Short Exponent RSA with Primes Sharing Least Significant Bits

CANS '08 Proceedings of the 7th International Conference on Cryptology and Network Security
Weak keys in RSA with primes sharing least significant bits

Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Small private-exponent attack on RSA with primes sharing bits

ISC'07 Proceedings of the 10th international conference on Information Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We investigate the security of a variant of the RSA public-key cryptosystem called LSBS-RSA, in which the modulus primes share a large number of least-significant bits. We show that low public-exponent LSBS-RSA is inherently resistant to Partial Key Exposure (PKE) attacks in which least-significant bits of the secret exponent are revealed to the attacker, and in particular that the Boneh-Durfee-Frankel PKE attack [5] on low public-exponent RSA is less effective for LSBS-RSA systems than for standard RSA. On the other hand, we show that large public-exponent LSBS-RSA is more vulnerable to such attacks than standard RSA. An application to server-aided RSA signature generation is proposed.