We show that if the private exponent d used in the RSA public-key cryptosystem is less than N then the system is insecure. This is the first improvement over an old result of Wiener showing that when d < N the RSA system is insecure. We hope our approach can be used to eventually improve the bound to d < N.

We present a structural attack on the DME cryptosystem with parameters ( 3 , 2 q ) . The recovers 10 of 12 coefficients first linear map. also show that, if those were known, rest private key can be efficiently obtained by solving systems quadratic equations just two variables.

NTRU is an efficient public-key cryptosystem proposed by Hoffstein, Pipher, and Silverman. Assuming access to a decryption oracle, we show ways to recover the private key of NTRU systems that do not include a ciphertext validating procedure. The strongest of our methods will employ just a single call to the oracle, and in all cases, the number of calls needed will be small enough to be realistic.

We present a structural attack against the Sidelnikov cryptosystem [8]. The attack creates a private key from a given public key. Its running time is subexponential and is effective if the parameters of the Reed-Muller code allow for efficient sampling of minimum weight codewords. For example, the length 2048, 3rd-order Reed-Muller code as proposed in [8] takes roughly an hour to break on a sto...

Even though symmetric-key scheme, which has been investigated extensively for sensor networks, can fulfill many security requirements, public-key cryptography is more flexible and simple rendering a clean interface for the security component. Against the popular belief that public key scheme is not practical for sensor networks, this technical report describes the RSA and ECC public-key cryptos...

A mobile ad hoc network (MANET) is a wireless communication network, which does not rely on any centralized management or a pre-existing infrastructure. Various key management authorities distributed over the network, each with a periodically updated share of the secrete key, is usually adopted. Thus many efforts have been made to adapt key management authority’s tasks to the dynamic environmen...

In this paper, we present the cryptanalysis of a public key scheme based on a system of multivariate polynomial equations, the ”tractable rational map” cryptosystem. We show combinatorial weaknesses of the cryptosystem, and introduce a variant of the XL resolution algorithm, the Linear Method, which is able to leverage these weaknesses to invert in short time the trapdoor one-way function defin...

At SAC '97, Itoh, Okamoto and Mambo presented a fast public key cryptosystem. After analyzing several attacks including lattice-reduction attacks, they claimed that its security was high, although the cryptosystem had some resemblances with the former knapsack cryp-tosystems, since decryption could be viewed as a multiplicative knapsack problem. In this paper, we show how to recover the private...

A new algebraic approach to investigate the security of the McEliece cryptosystem has been proposed by Faugère-Otmani-Perret-Tillich in Eurocrypt 2010. This paper is an extension of this work. The McEliece’s scheme relies on the use of error-correcting codes. It has been proved that the private key of the cryptosystem satisfies a system of bi-homogeneous polynomial equations. This property is d...

Public-key cryptosystems without requiring digital certificates are very attractive in wireless communications due to limitations imposed by communication bandwidth and computational resource of the mobile wireless communication devices. To eliminate public-key digital certificate, Shamir introduced the concept of the identity-based (ID-based) cryptosystem. The main advantage of the ID-based cr...