On the Security of RSA with Primes Sharing Least-Significant Bits

13 years 11 months ago

Download coitweb.uncc.edu

Abstract. We investigate the security of a variant of the RSA public-key cryptosystem called LSBS-RSA, in which the modulus primes share a large number of least-significant bits.We show that low public-exponent LSBS-RSA is inherently resistant to Partial Key Exposure (PKE) attacks in which least-significant bits of the secret exponent are revealed to the attacker, and in particular that the Boneh-Durfee-Frankel PKE attack [5] on low public-exponent RSA is less effective for LSBS-RSA systems than for standard RSA. On the other hand, we show that large public-exponent LSBS-RSA is more vulnerable to such attacks than standard RSA. An application to server-aided RSA signature generation is proposed.

Ron Steinfeld, Yuliang Zheng

Real-time Traffic

AAECC 2004 | Algorithms | Low Public-exponent Rsa | RSA Public-key Cryptosystem | Standard Rsa |

claim paper

Post Info
More Details (n/a)

Added	15 Dec 2010
Updated	15 Dec 2010
Type	Journal
Year	2004
Where	AAECC
Authors	Ron Steinfeld, Yuliang Zheng

Comments (0)

Sciweavers

On the Security of RSA with Primes Sharing Least-Significant Bits

AAECC 2004 | Algorithms | Low Public-exponent Rsa | RSA Public-key Cryptosystem | Standard Rsa |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers