|
On a generalization of the Dujella method
K. D. Zhukov TPA Laboratory, Moscow
Abstract:
As a rule, large secret exponents are used in practical realizations of RSA cryptosystem with modulus $N=pq$. Nevertheless, there are many theoretical results on the cryptanalysis of RSA system with a small secret exponent. A method suggested by Dujella recovers secret exponents $d<DN^{0.25}$ with a run-time complexity $O(D\ln D)$ and space complexity $O(D)$. Weger have suggested an attack on the secret exponents $d<\frac{N^{0.75}}{p-q}$. We describe a generalization of the Dujella method to attack the exponents $d<D\frac{N^{0.75}}{p-q}$ with run-time complexity $O(D\ln D)$ and space complexity $O(D)$.
Key words:
RSA cryptosystem, Diophantine approximations, meet-in-the-middle attack.
Received 20.IV.2012
Citation:
K. D. Zhukov, “On a generalization of the Dujella method”, Mat. Vopr. Kriptogr., 4:3 (2013), 7–19
Linking options:
https://www.mathnet.ru/eng/mvk90https://doi.org/10.4213/mvk90 https://www.mathnet.ru/eng/mvk/v4/i3/p7
|
Statistics & downloads: |
Abstract page: | 435 | Full-text PDF : | 362 | References: | 57 |
|