Location of Repository

Cryptanalysis of RSA using the ratio of the primes

By Abderrahmane Nitaj

Abstract

Abstract. Let N = pq be an RSA modulus, i.e. the product of two large unknown primes of equal bit-size. In the X9.31-1997 standard for public key cryptography, Section 4.1.2, there are a number of recommendations for the generation of the primes of an RSA modulus. Among them, the ratio of the primes shall not be close to the ratio of small integers. In this paper, we show that if the public exponent e satisfies an equation eX − (N − (ap + bq))Y = Z with suitably small integers X, Y, Z, where a q is an unknown convergent of the continued fraction expansion of b p, then N can be factored efficiently. In addition, we show that the number of such exponents is at least N 3 4 −ε where ε is arbitrarily small for large N

Topics: RSA, Cryptanalysis, Factorization, Coppersmith’s Method, Continued Fraction
Publisher: Springer-Verlag
Year: 2009
OAI identifier: oai:CiteSeerX.psu:10.1.1.297.739
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://www.math.unicaen.fr/~ni... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.