• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>China International Conference on Information Security and Cryptology >Attacking RSA with a Composed Decryption Exponent Using Unravelled Linearization
【24h】

Attacking RSA with a Composed Decryption Exponent Using Unravelled Linearization

机译:使用解密的解密指数攻击RSA,使用解除的线性化

获取原文
获取外文期刊封面目录资料
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Recently, Nitaj and Douh presented a new attack on RSA with a composed decryption exponent. To be specific, they assumed that the decryption exponent in RSA is of the form d = Md_1 + d_0 where M is a known positive integer and d_0 and d_1 are two suitably small unknown integers. They gave a lattice-based decryption exponent recovery attack on this kind of RSA when the exponent d is under a larger bound than the well-known one N~(0.292) given by Boneh and Durfee. In this paper, we reconsider the same problem and present a new attack by using the unravelled linearization technique proposed by Herrmann and May at Asiacrypt 2009. Our result is theoretically better than that of Nitaj and Douh and more importantly, is more efficient in terms of the dimension of lattice involved in the attack.
机译:最近,Nitaj和Doh向RSA提供了一个新的攻击,带有组成的解密指数。具体而言,他们假设RSA中的解密指数是D = MD_1 + D_0的D = MD_1 + D_0,其中M是已知的正整数,D_0和D_1是两个适当的未知整数。当指数D低于Boneh和Durfee给出的众所周知的一个N〜(0.292)时,它们就这种RSA提供了基于格子的解密指数恢复攻击。在本文中,我们重新考虑了同样的问题,并通过使用Herrmann和5月在2009年在亚洲的解开的线性化技术来呈现新的攻击。我们的结果比Nitaj和Douh的结果更好,更重要的是,在参与攻击的格子的维度。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号