A New Generalized Attack on RSA-like Cryptosystems

Michel Seck; Oumar Niang; Djiby Sow; Abderrahmane Nitaj; Mengce Zheng; Maher Boudabra

Paper 2025/380

A New Generalized Attack on RSA-like Cryptosystems

Michel Seck

, LTISI, CRISIN'2D, Ecole Polytechnique de Thies, Senegal

Oumar Niang, LTISI, CRISIN'2D, Ecole Polytechnique de Thies, Senegal

Djiby Sow, Dept. Mathematics and Computer Science, FST, UCAD, Senegal

Abderrahmane Nitaj

, Normandie Univ, UNICAEN, CNRS, LMNO, 14000 Caen, France

Mengce Zheng, Zhejiang Wanli University, Ningbo, China

Maher Boudabra, IPEIM, Monastir University, Tunisia, and Department of Mathematics, King Fahd University of Petroleum and Minerals, Dhahran, Saudi Arabia.

Abstract

Rivest, Shamir, and Adleman published the RSA cryptosystem in 1978, which has been widely used over the last four decades. The security of RSA is based on the difficulty of factoring large integers $N = pq$, where $p$ and $q$ are prime numbers. The public exponent $e$ and the private exponent $d$ are related by the equation $ed - k(p-1)(q-1) = 1$. Recently, Cotan and Teseleanu (NordSec 2023) introduced a variant of RSA, where the public exponent $e$ and the private exponent $d$ satisfy the equation $ed - k(p^n-1)(q^n-1) = 1$ for some positive integer $n$. In this paper, we study the general equation $eu - (p^n - 1)(q^n - 1)v = w$ with positive integers $u$ and $v$, and $w\in \mathbb{Z}$. We show that, given the public parameters $N$ and $e$, one can recover $u$ and $v$ and factor the modulus $N$ in polynomial time by combining continued fractions with Coppersmith's algorithm which relies on lattice reduction techniques, under specific conditions on $u$, $v$, and $w$. Furthermore, we show that if the private exponent $d$ in an RSA-like cryptosystem is either small or too large, then $N$ can be factored in polynomial time. This attack applies to the standard RSA cryptosystem.

Note: AfricaCrypt 2025 merged paper

Metadata

Available format(s): PDF
Category: Attacks and cryptanalysis
Publication info: Published elsewhere. Minor revision. AFRICACRYPT 2025
Keywords: RSA Continued fractions Crypanalysis Coppersmith's method Generalized Wiener attack
Contact author(s): mseck @ ept edu sn
oniang @ ept edu sn
djiby sow @ ucad edu sn
abderrahmane nitaj @ unicaen fr
mczheng @ zwu edu cn
maher boudabra @ gmail com
History: 2025-05-17: last of 2 revisions; 2025-02-27: received; See all versions
Short URL: https://ia.cr/2025/380
License: CC BY

BibTeX

@misc{cryptoeprint:2025/380,
      author = {Michel Seck and Oumar Niang and Djiby Sow and Abderrahmane Nitaj and Mengce Zheng and Maher Boudabra},
      title = {A New Generalized Attack on {RSA}-like Cryptosystems},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/380},
      year = {2025},
      url = {https://eprint.iacr.org/2025/380}
}