Multi-power Post-quantum RSA

Special purpose factoring algorithms have discouraged the adoption of multi-power RSA, even in a post-quantum setting. We revisit the known attacks and find that a general recommendation against repeated factors is unwarranted. We find that one-terabyte RSA keys of the form $n = p_1^2p_2^3p_3^5p_4^7\cdots p_i^{\pi_i}\cdots p_{20044}^{225287}$ are competitive with one-terabyte RSA keys of the form $n = p_1p_2p_3p_4\cdots p_i\cdots p_{2^{31}}$. Prime generation can be made to be a factor of 100000 times faster at a loss of at least $1$ but not more than $17$ bits of security against known attacks. The range depends on the relative cost of bit and qubit operations under the assumption that qubit operations cost $2^c$ bit operations for some constant $c$

On the Efficiency of Fast RSA Variants in Modern Mobile Phones

Modern mobile phones are increasingly being used for more services that require modern security mechanisms such as the public key cryptosystem RSA. It is, however, well known that public key cryptography demands considerable computing resources and that RSA encryption is much faster than RSA decryption. It is consequently an interesting question if RSA as a whole can be executed efficiently on modern mobile phones. In this paper, we explore the efficiency on modern mobile phones of variants of the RSA cryptosystem, covering CRT, MultiPrime RSA, MultiPower RSA, Rebalanced RSA and R Prime RSA by comparing the encryption and decryption time using a simple Java implementation and a typical RSA setup.Comment: 5 pages IEEE format, International Journal of Computer Science and Information Security, IJCSIS December 2009, ISSN 1947 5500, http://sites.google.com/site/ijcsis

Enhanced AAβ cryptosystem - a comparative analysis

A major enhancement strategy of the AAβ cryptosystem is currently proposed which incorporates the Rabin-p decryption method upon its original design while maintaining the key generation and encryption procedures. Consequently, such strategy improved the decryption procedure of the AAβ cryptosystem compare to any previously proposed design. In this paper, the aim is to provide a comparative analysis of the new design of the AAβ cryptosystem with the original and the other enhancement methods in existence. The scope of this work is a comparative analysis upon the decryption procedure only. The results show that the enhanced version of the AAβ cryptosystem is efficient in term of faster running time and lower memory consumption

An Efficient Variant of RSA Cryptosystem

An efficient variant of RSA cryptosystem was proposed by Cesar [2]. He called it Rprime RSA. The Rprime RSA is a combination of Mprime RSA [3] and Rebalanced RSA [9, 1]. Although the decryption speed of Rprime RSA is 27 times faster than the standard RSA and 8 times faster than the QC RSA [6] in theoretically, yet due to the large encryption exponent, the encryption process becomes slower than the standard RSA. In this paper we tried to improve the efficiency of encryption process with less compromising with the decryption speed

New attacks on prime power N = prq using good approximation of φ(N)

This paper proposes three new attacks. Our first attack is based on the RSA key equation ed − kφ(N) = 1 where φ(N) = pr-1(p-1)(q-1). Let q <p <2q and 2p 3r+2/r+1 |p r-1/r+1 – q r-1/r+1| < 1/6Ny with d = Nδ. If δ < 1-y/2 we shows that k/d can be recovered among the convergents of the continued fractions expansions of e/N-2N r/r+1 + N r-1/r+1. We furthered our analysis on j prime power moduli Ni = priqi satisfying a variant of the above mentioned condition. We utilized the LLL algorithm on j prime power public keys (Ni, ei) with Ni = priqi and we were able to factorize the j prime power moduli Ni = priqi simultaneously in polynomial time

New attacks on RSA with Moduli N = p^r q

International audienceWe present three attacks on the Prime Power RSA with mod-ulus N = p^r q. In the first attack, we consider a public exponent e satisfying an equation ex − φ(N)y = z where φ(N) = p^(r−1 )(p − 1)(q − 1). We show that one can factor N if the parameters |x| and |z| satisfy |xz| < N r(r−1) (r+1)/ 2 thereby extending the recent results of Sakar [16]. In the second attack, we consider two public exponents e1 and e2 and their corresponding private exponents d1 and d2. We show that one can factor N when d1 and d2 share a suitable amount of their most significant bits, that is |d1 − d2| < N r(r−1) (r+1) /2. The third attack enables us to factor two Prime Power RSA moduli N1 = p1^r q1 and N2 = p2^r q2 when p1 and p2 share a suitable amount of their most significant bits, namely, |p1 − p2| < p1/(2rq1 q2)

A New Public Key Cryptosystem Based on the Cubic Pell Curve

Since its invention in 1978 by Rivest, Shamir and Adleman, the public key cryptosystem RSA has become a widely popular and a widely useful scheme in cryptography. Its security is related to the difficulty of factoring large integers which are the product of two large prime numbers. For various reasons, several variants of RSA have been proposed, and some have different arithmetics such as elliptic and singular cubic curves. In 2018, Murru and Saettone proposed another variant of RSA based on the cubic Pell curve with a modulus of the form $N=pq$. In this paper, we present a new public key cryptosystem based on the arithmetic of the cubic Pell curve with a modulus of the form $N=p^rq^s$. Its security is based on the hardness of factoring composite integers, and on Rabin\u27s trapdoor one way function. In the new scheme, the arithmetic operations are performed on a cubic Pell curve which is known only to the sender and the recipient of a plaintext