There are many partial key exposure attacks on RSA or its variants under the assumption that a portion of the bits of the decryption exponent d is exposed. Sarkar and Maitra presented a further attack when some bits of the private prime factor q in the modulus N = pq are simultaneously revealed and the total number of bits of q and d required to be known is reduced compared to previous partial key exposure attacks. In this paper, for both the standard RSA with moduli N = pq and the Takagi’s variant of RSA with moduli N = p 2 q, we propose partial key exposure attacks when most significant bits (MSBs) or least significant bits of q are exposed. Compared with previous results, our theoretical analysis and experimental results show a substantial improvement in reducing the number of known bits of the private key to factor N.
CITATION STYLE
Peng, L., Hu, L., Huang, Z., & Xu, J. (2015). Partial prime factor exposure attacks on RSA and its Takagi’s variant. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9065, pp. 96–108). Springer Verlag. https://doi.org/10.1007/978-3-319-17533-1_7
Mendeley helps you to discover research relevant for your work.