Partial Key Exposure: Generalized Framework to Attack RSA | SpringerLink
Skip to main content
Springer Nature Link
Log in

Partial Key Exposure: Generalized Framework to Attack RSA

  • Conference paper
Progress in Cryptology – INDOCRYPT 2011 (INDOCRYPT 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7107))

Included in the following conference series:

  • 1032 Accesses

Abstract

In the domain of modern public key cryptography, RSA is the most popular system in use. Efficient factorization of the RSA modulus N, constituted as a product of two primes p, q of ‘large’ bitsize, is a challenging problem in RSA cryptanalysis. The solution to this factorization is aided if the attacker gains partial knowledge about the decryption exponent of RSA. This line of attack is called the Partial Key Exposure attack, and there exists an extensive literature in this direction.

In this paper, we study partial key exposure attacks on RSA where the number of unexposed blocks in the decryption exponent is more than one. The existing works have considered only one unexposed block and thus our work provides a generalization of the existing attacks. We propose lattice based approaches to factorize the RSA modulus N = pq (for large primes p, q) when the number of unexposed blocks is n ≥ 1. We also analyze the ISO/IEC 9796-2 standard signature scheme (based on CRT-RSA) with partially known messages.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 5719
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 7149
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Blömer, J., May, A.: New Partial Key Exposure Attacks on RSA. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 27–43. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  2. Boneh, D., Durfee, G., Frankel, Y.: An Attack on RSA Given a Small Fraction of the Private Key Bits. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 25–34. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  3. Boneh, D., Durfee, G.: Cryptanalysis of RSA with Private Key d Less Than N 0. 292. IEEE Transactions on Information Theory 46(4), 1339–1349 (2000)

    Article  MathSciNet  MATH  Google Scholar 

  4. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. Journal of Cryptology 14(2), 101–119 (2001)

    Article  MathSciNet  MATH  Google Scholar 

  5. Coron, J.-S., Joux, A., Kizhvatov, I., Naccache, D., Paillier, P.: Fault Attacks on RSA Signatures with Partially Unknown Messages. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 444–456. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  6. Coron, J.-S., Naccache, D., Tibouchi, M.: Fault Attacks Against emv Signatures. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 208–220. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  7. Ernst, M., Jochemsz, E., May, A., de Weger, B.: Partial Key Exposure Attacks on RSA up to Full Size Exponents. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 371–386. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  8. Herrmann, M., May, A.: Solving Linear Equations Modulo Divisors: On Factoring Given Any Bits. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 406–424. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  9. Heninger, N., Shacham, H.: Reconstructing RSA Private Keys from Random Key Bits. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 1–17. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  10. Howgrave-Graham, N.: Finding small roots of univariate modular equations revisited. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 131–142. Springer, Heidelberg (1997)

    Google Scholar 

  11. ISO/IEC 9796-2, Information technology - Security techniques - Digital signature scheme giving message recovery, Part 2: Mechanisms using a hash-function (1997)

    Google Scholar 

  12. Jochemsz, E., May, A.: A Strategy for Finding Roots of Multivariate Polynomials with New Applications in Attacking RSA Variants. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 267–282. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  13. Kocher, P.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  14. Lenstra, A.K., Lenstra Jr., H.W., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Annalen 261(4), 513–534 (1982)

    Article  MathSciNet  MATH  Google Scholar 

  15. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public key cryptosystems. Communications of ACM 21(2), 158–164 (1978)

    Article  MathSciNet  MATH  Google Scholar 

  16. Sarkar, S., Maitra, S.: Cryptanalysis of RSA with more than one Decryption Exponent. Information Processing Letters 110(8-9), 336–340 (2010)

    Article  MathSciNet  MATH  Google Scholar 

  17. Wiener, M.: Cryptanalysis of Short RSA Secret Exponents. IEEE Transactions on Information Theory 36(3), 553–558 (1990)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Indian Statistical Institute, 203 B T Road, Kolkata, 700 108, India

    Santanu Sarkar

Authors
  1. Santanu Sarkar
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Illinois at Chicago, 60607–7053, Chicago, IL, USA

    Daniel J. Bernstein

  2. Indian Institute of Science, India

    Sanjit Chatterjee

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sarkar, S. (2011). Partial Key Exposure: Generalized Framework to Attack RSA. In: Bernstein, D.J., Chatterjee, S. (eds) Progress in Cryptology – INDOCRYPT 2011. INDOCRYPT 2011. Lecture Notes in Computer Science, vol 7107. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25578-6_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-25578-6_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25577-9

  • Online ISBN: 978-3-642-25578-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation