In this paper, we present a new attack on RSA when the public exponent is short, for instance 3 or 216 +1, and when the classical exponent randomization is used. This attack works ...
We propose a key generation method for RSA moduli which allows the cost of the public operations (encryption/verifying) and the private operations (decryption/signing) to be balanc...
Steven D. Galbraith, Chris Heneghan, James F. McKe...
We present an elementary method to construct optimized lattices that are used for finding small roots of polynomial equations. Former methods first construct some large lattice i...
We present several attacks on RSA that factor the modulus in polynomial time under the condition that a fraction of the most significant bits or least significant bits of the pri...
Matthias Ernst, Ellen Jochemsz, Alexander May, Ben...
Abstract. Consider the RSA public key cryptosystem with the parameters N = pq, q < p < 2q, public encryption exponent e and private decryption exponent d. In this paper, cryp...