We present extremely simple ways of embedding a backdoor in the key generation scheme of RSA. Three of our schemes generate two genuinely random primes p and q of a given size, to obtain their public product n = pq. However they generate private/public exponents pairs (d, e) in such a way that appears very random while allowing the author of the scheme to easily factor n given only the public information (n, e). Our last scheme, similar to the PAP method of Young and Yung, but more secure, works for any public exponent e such as 3,17,65537 by revealing the factorization of n in its own representation. This suggests that nobody should rely on RSA key generation schemes provided by a third party. © Springer-Verlag Berlin Heidelberg 2003.
CITATION STYLE
Crépeau, C., & Slakmon, A. (2003). Simple backdoors for RSA key generation. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2612, 403–416. https://doi.org/10.1007/3-540-36563-x_28
Mendeley helps you to discover research relevant for your work.