Low exponent attack against elliptic curve RSA

被引：0

作者：

Kurosawa, E ^{[1
]}

Okada, K ^{[1
]}

Tsujii, S ^{[1
]}

机构：

[1] CHUO UNIV,DEPT INFORMAT SYST ENGN,BUNKYO KU,TOKYO 112,JAPAN

来源：

ADVANCES IN CRYPTOLOGY - ASIACRYPT '94 | 1995年 / 917卷

关键词：

D O I：

暂无

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Hastad showed that low exponent RSA is not secure if the same message is encrypted to several receivers. This is true even if time-stamp is used for each receiver. For example, let e = 3. Then if the number of receivers = 7, the eavesdropper can find the plaintext from the seven ciphertexts of each receiver. This paper shows that elliptic curve RSA is not secure in the same scenario. It is shown that the KMOV scheme and Demytko's scheme are not secure if e = 5, n greater than or equal to 2(1024) and the number of receivers = 428. In Demytko's scheme, e can take the value of 2. In this case, this system is not secure if the number of receiver = 11 for n 2 greater than or equal to 2(175).

引用

页码：376 / 383

页数：8

共 50 条

[31] Remarks on using RSA with low exponent in a public network
He, WH
Wu, TC
Lin, CY
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, 2002, 18 (02) : 341 - 344
[32] ON USING RSA WITH LOW EXPONENT IN A PUBLIC KEY NETWORK
HASTAD, J
LECTURE NOTES IN COMPUTER SCIENCE, 1986, 218 : 403 - 408
[33] Attacks on low private exponent RSA: an experimental study
Nguyen, Thuc D.
Than Duc Nguyen
Tran, Long D.
PROCEEDINGS OF THE 2013 13TH INTERNATIONAL CONFERENCE ON COMPUTATIONAL SCIENCE AND ITS APPLICATIONS (ICCSA 2013), 2013, : 162 - 165
[34] Exceptional procedure attack on elliptic curve cryptosystems
Izu, T
Takagi, T
PUBLIC KEY CRYPTOGRAPHY - PKC 2003, PROCEEDINGS, 2003, 2567 : 224 - 239
[35] Partial Key Exposure Attack on Short Secret Exponent CRT-RSA
May, Alexander
Nowakowski, Julian
Sarkar, Santanu
ADVANCES IN CRYPTOLOGY - ASIACRYPT 2021, PT I, 2021, 13090 : 99 - 129
[36] Coppersmith's lattices and "focus groups": An attack on small-exponent RSA
Miller, Stephen D.
Narayanan, Bhargav
Venkatesan, Ramarathnam
JOURNAL OF NUMBER THEORY, 2021, 222 : 376 - 392
[37] ON THE EXPONENT OF THE GROUP OF POINTS OF AN ELLIPTIC CURVE OVER A FINITE FIELD
Pappalardi, Francesco
PROCEEDINGS OF THE AMERICAN MATHEMATICAL SOCIETY, 2011, 139 (07) : 2337 - 2341
[38] A timing attack against RSA with the Chinese remainder theorem
Schindler, W
CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS-CHES 2000, PROCEEDINGS, 2001, 1965 : 109 - 124
[39] Comparing elliptic curve cryptography and RSA on 8-bit CPUs
Gura, N
Patel, A
Wander, A
Eberle, H
Shantz, SC
CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS - CHES 2004, PROCEEDINGS, 2004, 3156 : 119 - 132
[40] Performance Evaluation of RSA Variants and Elliptic Curve Cryptography on Handheld Devices
Bhatta, Jagdish
Pandey, Lok Prakash
INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2011, 11 (11): : 8 - 13

← 1 2 3 4 5 →