Paper 2012/588

Breaking Public Keys - How to Determine an Unknown RSA Public Modulus

Hans-Joachim Knobloch

Abstract

Not surprisingly, the common use of any public key crypto system involves publishing the public key and keeping the private key secret. There are however a few applications where both the private and public key are kept secret, thereby effectively converting a public key crypto algorithm to a symmetric algorithm. We show that if the RSA cryptosystem is used in such a symmetric application, it is possible to determine the public RSA modulus if the public exponent is known and short, such as 3 or F4=65537, and two or more plaintext/ciphertext (or, if RSA is used for signing, signed value/signature) pairs are known.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
cryptanalysis block cipher RSA
Contact author(s)
hans-joachim knobloch @ secorvo de
History
2012-10-25: received
Short URL
https://ia.cr/2012/588
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/588,
      author = {Hans-Joachim Knobloch},
      title = {Breaking Public Keys - How to Determine an Unknown RSA Public Modulus},
      howpublished = {Cryptology ePrint Archive, Paper 2012/588},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/588}},
      url = {https://eprint.iacr.org/2012/588}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.