Skip to main content
Article thumbnail
Location of Repository

Cryptanalysis of RSA using the ratio of the primes

By Abderrahmane Nitaj


Abstract. Let N = pq be an RSA modulus, i.e. the product of two large unknown primes of equal bit-size. In the X9.31-1997 standard for public key cryptography, Section 4.1.2, there are a number of recommendations for the generation of the primes of an RSA modulus. Among them, the ratio of the primes shall not be close to the ratio of small integers. In this paper, we show that if the public exponent e satisfies an equation eX − (N − (ap + bq))Y = Z with suitably small integers X, Y, Z, where a q is an unknown convergent of the continued fraction expansion of b p, then N can be factored efficiently. In addition, we show that the number of such exponents is at least N 3 4 −ε where ε is arbitrarily small for large N

Topics: RSA, Cryptanalysis, Factorization, Coppersmith’s Method, Continued Fraction
Publisher: Springer-Verlag
Year: 2009
OAI identifier: oai:CiteSeerX.psu:
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.