Breaking RSA May Be Easier Than Factoring
نویسندگان
چکیده
We provide evidence that breaking low-exponent rsa cannot be equivalent to factoring integers. We show that an algebraic reduction from factoring to breaking low-exponent rsa can be converted into an e cient factoring algorithm. Thus, in e ect an oracle for breaking rsa does not help in factoring integers. Our result suggests an explanation for the lack of progress in proving that breaking rsa is equivalent to factoring. We emphasize that our results do not expose any speci c weakness in the rsa system.
منابع مشابه
Fpga and Asic Implementation of Rho and P-1 Methods of Factoring
FPGA AND ASIC IMPLEMENTATION OF RHO AND P-1 METHODS OF FACTORING Ramakrishna Bachimanchi, MS George Mason University, 2007 Thesis Director: Dr. Kris Gaj One of the main challenges in the cryptography is breaking RSA-1024. The problem can be explained as factoring large integers. The suitable methods for this purpose are Multiple Polynomial Quadratic Sieve (MPQS) and Number Field Sieve (NFS). Ou...
متن کاملBreaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring
The Diffie-Hellman key-exchange protocol may naturally be extended to k > 2 parties. This gives rise to the generalized Diffie-Hellman assumption (GDH-Assumption). Naor and Reingold have recently shown an efficient construction of pseudo-random functions and proved its security based on the GDH-Assumption. In this note, we prove that breaking this assumption modulo a so called Blum-integer woul...
متن کاملQuantum algorithms for computing short discrete logarithms and factoring RSA integers
In this paper we generalize the quantum algorithm for computing short discrete logarithms previously introduced by Eker̊a [2] so as to allow for various tradeoffs between the number of times that the algorithm need be executed on the one hand, and the complexity of the algorithm and the requirements it imposes on the quantum computer on the other hand. Furthermore, we describe applications of al...
متن کاملQuantum Algorithms for Computing Short Discrete Logarithms and Factoring RSA Integers
In this paper we generalize the quantum algorithm for computing short discrete logarithms previously introduced by Eker̊a [2] so as to allow for various tradeoffs between the number of times that the algorithm need be executed on the one hand, and the complexity of the algorithm and the requirements it imposes on the quantum computer on the other hand. Furthermore, we describe applications of al...
متن کاملA Note on the Complexity of Breaking Okamoto-Tanaka ID-Based Key Exchange Scheme
The rigorous security of Okamoto-Tanaka identity-based key exchange scheme has been open for a decade. In this paper, we show that (1) breaking the scheme is equivalent to breaking the Diffie-Hellman key exchange scheme over Zn, and (2) impersonation is easier than breaking. The second result is obtained by proving that breaking the RSA public-key cryptosystem reduces to breaking the Diffie-Hel...
متن کامل