Paper 2024/1263
A Security Analysis of Two Classes of RSA-like Cryptosystems
Abstract
Let $N=pq$ be the product of two balanced prime numbers $p$ and $q$. In 2002, Elkamchouchi, Elshenawy and Shaban introduced an RSA-like cryptosystem that uses the key equation $ed - k (p^2-1)(q^2-1) = 1$, instead of the classical RSA key equation $ed - k (p-1)(q-1) = 1$. Another variant of RSA, presented in 2017 by Murru and Saettone, uses the key equation $ed - k (p^2+p+1)(q^2+q+1) = 1$. Despite the authors' claims of enhanced security, both schemes remain vulnerable to adaptations of common RSA attacks. Let $n$ be an integer. This paper proposes two families of RSA-like encryption schemes: one employs the key equation $ed - k (p^n-1)(q^n-1) = 1$ for $n > 0$, while the other uses $ed - k [(p^n-1)(q^n-1)]/[(p-1)(q-1)] = 1$ for $n > 1$. Note that we remove the conventional assumption of primes having equal bit sizes. In this scenario, we show that regardless of the choice of $n$, continued fraction-based attacks can still recover the secret exponent. Additionally, this work fills a gap in the literature by establishing an equivalent of Wiener's attack when the primes do not have the same bit size.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Journal of Mathematical Cryptography
- Keywords
- continued fractionssmall private key attackRSA
- Contact author(s)
-
paulcotan @ gmail com
george teseleanu @ yahoo com - History
- 2024-08-12: approved
- 2024-08-09: received
- See all versions
- Short URL
- https://ia.cr/2024/1263
- License
-
CC BY-NC-SA
BibTeX
@misc{cryptoeprint:2024/1263,
author = {Paul Cotan and George Teseleanu},
title = {A Security Analysis of Two Classes of {RSA}-like Cryptosystems},
howpublished = {Cryptology {ePrint} Archive, Paper 2024/1263},
year = {2024},
url = {https://eprint.iacr.org/2024/1263}
}
