Cryptanalysis of Rsa Using Algebraic and Lattice Methods
نویسندگان
چکیده
ii I certify that I have read this dissertation and that in my opinion it is fully adequate, in scope and quality, as a dissertation for the degree of Doctor of Philosophy. I certify that I have read this dissertation and that in my opinion it is fully adequate, in scope and quality, as a dissertation for the degree of Doctor of Philosophy. I certify that I have read this dissertation and that in my opinion it is fully adequate, in scope and quality, as a dissertation for the degree of Doctor of Philosophy. Studies: iii Preface We study the security of public key cryptosystems. In particular we study the RSA public key cryptosystem and several variants. We obtain our results using tools from the theory of integer lattices. We begin with an introduction to the theory of integer lattices and describe the main results to be used throughout the rest of the work. We then review the concept of a public key cryptosystem and in particular the RSA public key cryptosystem. Next we introduce a novel algorithm for the factorization of class of integers closely related to those used by RSA and other public key cryptosystems in the literature, showing that a new class of integers can be efficiently factored. We go on to introduce new attacks on the RSA public key cryptosystem which use partial knowledge of a user's secret key, showing that leaking one quarter of the bits of the secret key is sufficient to compromise RSA. Next we describe new attacks on the RSA public key cryptosystem when a short secret exponent is used. Lastly, we describe the three Sun-Yang-Laih key generation schemes for RSA, and introduce attacks to break two of these schemes. iv Acknowledgments It is impossible to thank enough everyone who has been of help over the past four years. It has been truly an honor and a pleasure to be a part of such a vibrant community of researchers, faculty, students, and friends, and I can make only a rough attempt to express my appreciation. I want to express my great gratitude to Dan Boneh, who has been both an advisor and a friend these many years. I would also like to thank my coauthors Yair Frankel, Nick Howgrave-Graham, and Phong Nguyen; working with them has been a great pleasure. During my time at Stanford I had the opportunity to interact with …
منابع مشابه
A New Method of Constructing a Lattice Basis and Its Applications to Cryptanalyse Short Exponent RSA
We provide a new method of constructing an optimal lattice. Applying our method to the cryptanalysis of the short exponent RSA, we obtain our results which extend Boneh and Durfee’s work. Our attack methods are based on a generalization to multivariate modular polynomial equation. The results illustrate the fact that one should be careful when using RSA key generation process with special param...
متن کاملQTRU: quaternionic version of the NTRU public-key cryptosystems
In this paper we will construct a lattice-based public-key cryptosystem using non-commutative quaternion algebra, and since its lattice does not fully fit within Circular and Convolutional Modular Lattice (CCML), we prove it is arguably more secure than the existing lattice-based cryptosystems such as NTRU. As in NTRU, the proposed public-key cryptosystem relies for its inherent securi...
متن کاملDiophantine and Lattice Cryptanalysis of the RSA Cryptosystem
The RSA cryptosystem, invented in 1977 is the most popular public cryptosystem for electronic commerce. Its three inventors Rivest, Shamir and Adleman received the Year 2002 Turing Award, the equivalent Nobel Prize in Computer Science. RSA offers both encryption and digital signatures and is deployed in many commercial systems. The security of RSA is based on the assumption that factoring large...
متن کاملLattice based Attacks on Small Private Exponent RSA: A Survey
Lattice basis reduction algorithms have contributed a lot to cryptanalysis of RSA crypto system. With coppersmith’s theory of polynomials, these algorithms are searching for the weak instances of Number-theoretic cryptography, mainly RSA. In this paper we present several lattice based attacks on low private exponent of RSA.
متن کاملCryptanalysis of a Public Key Cryptosystem Proposed at ACISP 2000
At ACISP 2000, Yoo et al proposed a fast public key cryptosystem using matrices over a ring. The authors claim that the security of their system is based on the RSA problem. In this paper we present a heuristic attack that enables us to recover the private key from the public key. In particular, we show that breaking the system can be reduced to finding a short vector in a lattice which can be ...
متن کاملCryptanalysis of Short Exponent RSA with Primes Sharing Least Significant Bits
LSBS-RSA denotes an RSA system with modulus primes, p and q, sharing a large number of least signi cant bits. In ISC 2007, Zhao and Qi analyzed the security of short exponent LSBS-RSA. They claimed that short exponent LSBS-RSA is much more vulnerable to the lattice attack than the standard RSA. In this paper, we point out that there exist some errors in the calculation of Zhao & Qis attack. Af...
متن کامل