**On Security of Koyama Schemes**

*Sahadeo Padhye*

**Abstract: **Attack is possible upon all three RSA analogue PKCs based on singular cubic curves given by Koyama. While saying so, Seng et al observed that the scheme become insecure if a linear relation is known between two plaintexts. In this case, attacker has to compute greatest common divisor of two polynomials corresponding to those two plaintexts. However, the computation of greatest common divisor of two polynomials is not efficient. For the reason, the degree e of both polynomials, an encryption exponent, is quite large. In this paper, we propose an algorithm, which makes the attack considerably efficient. Subsequently we identify isomorphic attack on the Koyama schemes by using the isomorphism between two singular cubic curves.

**Category / Keywords: **public-key cryptography /

**Date: **received 14 May 2005

**Contact author: **sahadeo_mathrsu at yahoo com

**Available format(s): **PDF | BibTeX Citation

**Note: **no comments

**Version: **20050529:211747 (All versions of this report)

**Short URL: **ia.cr/2005/153

**Discussion forum: **Show discussion | Start new discussion

[ Cryptology ePrint archive ]