A new attack on RSA with a composed decryption exponent

Abderrahmane Nitaj; Mohamed Ould Douh

Paper 2013/846

A new attack on RSA with a composed decryption exponent

Abderrahmane Nitaj and Mohamed Ould Douh

Abstract

In this paper, we consider an RSA modulus $N = p q$ , where the prime factors $p$ , $q$ are of the same size. We present an attack on RSA when the decryption exponent $d$ is in the form $d = M d_{1} + d_{0}$ where $M$ is a given positive integer and $d_{1}$ and $d_{0}$ are two suitably small unknown integers. In 1999, Boneh and Durfee~\cite{BODU} presented an attack on RSA when $d < N^{0.292}$ . When $d = M d_{1} + d_{0}$ , our attack enables one to overcome Boneh and Durfee's bound and to factor the RSA modulus.

Metadata

Available format(s): -- withdrawn --
Category: Public-key cryptography
Publication info: Preprint. MINOR revision.
Keywords: RSA Cryptanalysis Factorization LLL algorithm Coppersmith's method
Contact author(s): abderrahmane nitaj @ unicaen fr
History: 2013-12-30: withdrawn; 2013-12-17: received; See all versions
Short URL: https://ia.cr/2013/846
License: CC BY