- Full text PDF available (14)
- This year (0)
- Last 5 years (1)
- Last 10 years (7)
Journals and Conferences
In this work we consider a variant of RSA whose public and private exponents can be chosen significantly smaller than in typical RSA. In particular, we show that it is possible to have private exponents smaller thanN which are resistant to all known small private exponent attacks. This allows for instances of RSA with short CRT-exponents and short public… (More)
We give a bound on the Euclidean norm of factors of multivariate polynomials. The result is a simple extension of the bivariate case given by Coron, which is an extension of the univariate case given by Mignotte. We use the result to correct a proof by Ernst et al., regarding computing small integer solutions of certain trivariate polynomials.
We present new variants of an RSA whose key generation algorithms output two distinct RSA key pairs having the same public and private exponents. This family of variants, called dual RSA, can be used in scenarios that require two instances of RSA with the advantage of reducing the storage requirements for the keys. Two applications for dual RSA, blind… (More)
In 1982, Quisquater & Couvreur proposed a variant of RSA based on the Chinese Remainder Theorem, called RSA-CRT, to speed up RSA decryption. In 1990, Wiener suggested another variant, called Rebalanced RSA-CRT, which further speeds up RSA decryption by shifting decryption costs to encryption costs. However, this approach essentially maximizes the encryption… (More)
In this work, we consider the problem of key cloning in attribute-based encryption schemes. We introduce a new type of attribute-based encryption scheme, called token-based attributebased encryption, that provides strong deterrence for key cloning, in the sense that delegation of keys reveals some personal information about the user. We formalize the… (More)
In this work we collect the strongest known algebraic attacks on multi-prime RSA. These include factoring, small private exponent, small CRT exponent and partial key exposure attacks. Five of the attacks are new. A new variant of partial key exposure attacks is also introduced which applies only to multi-prime RSA with more than two primes.
In this work, we give a partial overview of lattice attacks in cryptography. While different kinds of attacks are considered, the emphasis of this work is given to attacks that are based on Coppersmith’s results for solving low degree multivariate modular equations and bivariate integer equations.
In this work we re-examine two common modulus attacks on RSA. First, we show that Guo’s continued fraction attack works much better in practice than previously expected. Given three instances of RSA with a common modulus N and private exponents each smaller than N the attack can factor the modulus about 93% of the time in practice. The success rate of the… (More)
In 1982, Quisquater and Couvreur proposed an RSA variant, called RSA-CRT, based on the Chinese Remainder Theorem to speed up RSA decryption. In 1990, Wiener suggested another RSA variant, called Rebalanced-RSA, which further speeds up RSA decryption by shifting decryption costs to encryption costs. However, this approach essentially maximizes the encryption… (More)