Generating a Shortest B-Chain using Multi-GPUs

Let B be a finite set of binary operations over the set of natural numbers N. A B-chain for a natural number n, denoted by BC(n), is a sequence of numbers 1 = c0,c1,...,cl = n such that for each i \u3e 0,ci = cj ◦ck, where 0 ≤ j,k ≤ i−1 and ◦ is an operation of B. Generating a shortest B-chain for n plays an important role in increasing the performance of some cryptosystems and protocols. This paper has two purposes. The first is to propose a generic algorithm to generate a shortest B-chain using a single CPU and a single GPU for any B. The second is to propose two strategies to improve the generation of a shortest B-chain using two (or more) GPUs. Using two GPUs, the experimental study shows that the first strategy improves the performance by about 20%, while the second strategy improves the performance by about 30 ∼ 35% in case of B = {+}. It is also possible to combine both strategies when we have at least four GPUs

A Unified Method for Private Exponent Attacks on RSA using Lattices

International audienceLet (n = pq, e = n^β) be an RSA public key with private exponent d = n^δ , where p and q are large primes of the same bit size. At Eurocrypt 96, Coppersmith presented a polynomial-time algorithm for finding small roots of univariate modular equations based on lattice reduction and then succussed to factorize the RSA modulus. Since then, a series of attacks on the key equation ed − kφ(n) = 1 of RSA have been presented. In this paper, we show that many of such attacks can be unified in a single attack using a new notion called Coppersmith's interval. We determine a Coppersmith's interval for a given RSA public key (n, e). The interval is valid for any variant of RSA, such as Multi-Prime RSA, that uses the key equation. Then we show that RSA is insecure if δ < β + 1/3 α − 1/3 √ (12αβ + 4α^2) provided that we have approximation p0 ≥ √ n of p with |p − p0| ≤ 1/2 n^α , α ≤ 1/2. The attack is an extension of Coppersmith's result

Factoring RSA Modulus with Primes not Necessarily Sharing Least Significant Bits

The security of many public-key cryptosystems, such as RSA, is based on the difficulty of factoring a composite integer. Until now, there is no known polynomial time algorithm to factor any composite integer with classical computers. In this paper, we study factoring n when n= pq is a product of two primes p and q satisfying that p≡lk1 mod 2q1 and q≡lk2 mod 2q2 for some positive integers q1,q2, k1, k2 ≤ logn and l.We show that n can be factored in time polynomial in logn if l \u3c 2q and either | p−lk1 2q1 || q−lk2 2q2 |\u3c lk or 2q ′ ≥ n1/4, where q = min{q1,q2}, q ′ = max{q1,q2} and k = min{k1, k2}. We also show that the result of Steinfeld and Zheng [21] when the two primes p and q share least significant bits is a special case of our results. Our results point out the warring for cryptographic designers to be careful when generating primes for the RSA modulu

A Unified Method for Private Exponent Attacks on RSA using Lattices

International audienceLet (n = pq, e = n^β) be an RSA public key with private exponent d = n^δ , where p and q are large primes of the same bit size. At Eurocrypt 96, Coppersmith presented a polynomial-time algorithm for finding small roots of univariate modular equations based on lattice reduction and then succussed to factorize the RSA modulus. Since then, a series of attacks on the key equation ed − kφ(n) = 1 of RSA have been presented. In this paper, we show that many of such attacks can be unified in a single attack using a new notion called Coppersmith's interval. We determine a Coppersmith's interval for a given RSA public key (n, e). The interval is valid for any variant of RSA, such as Multi-Prime RSA, that uses the key equation. Then we show that RSA is insecure if δ < β + 1/3 α − 1/3 √ (12αβ + 4α^2) provided that we have approximation p0 ≥ √ n of p with |p − p0| ≤ 1/2 n^α , α ≤ 1/2. The attack is an extension of Coppersmith's result

Small Private Exponent Attacks on RSA Using Continued Fractions and Multicore Systems

The RSA (Rivest–Shamir–Adleman) asymmetric-key cryptosystem is widely used for encryptions and digital signatures. Let (n,e) be the RSA public key and d be the corresponding private key (or private exponent). One of the attacks on RSA is to find the private key d using continued fractions when d is small. In this paper, we present a new technique to improve a small private exponent attack on RSA using continued fractions and multicore systems. The idea of the proposed technique is to find an interval that contains ϕ(n), and then propose a method to generate different points in the interval that can be used by continued fraction and multicore systems to recover the private key, where ϕ is Euler’s totient function. The practical results of three small private exponent attacks on RSA show that we extended the previous bound of the private key that is discovered by continued fractions. When n is 1024 bits, we used 20 cores to extend the bound of d by 0.016 for de Weger, Maitra-Sarkar, and Nassr et al. attacks in average times 7.67 h, 2.7 h, and 44 min, respectively

Determination of chemical kinetic parameters in Arrhenius equation of constant heating rate: Theoretical method

The article offers a brand-new nonlinear method of figuring out the thermally dissolved material’s free activation energy and pre-exponential factor using a non-isothermal kinetic process. The material is thermally decomposed for a known function in a conversion mass fraction and residual mass fraction under the conditions of the thermochemical reaction, which is defined by the Arrhenius equation. The experimental data establishes a new method based on the least squares method to directly calculate the free activation energy and pre-exponential factor, respectively. We assume that the researcher in a laboratory, during the process of subjecting the material to a constant rate of temperature increase, takes several different measurements for the conversion mass fraction with corresponding values of temperature throughout the process of thermal decomposition of a material. Therefore, in this investigation, we present how to calculate the activation energy and the pre-exponential factor of a material from the information of several points for temperature values during the thermal decomposition process of a material and the corresponding conversion mass fraction. We have discovered that the more measurements we take, the more precise our calculations become. This approach depends on the precise analytical answer to the Arrhenius equation