The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
일부 애플리케이션에서는 짧은 전용 지수 d RSA 공개 키 암호화 시스템의 암호 해독 또는 서명 프로세스를 개선하기 위해 선택되었습니다. 그러나 일반적인 RSA에서는 개인 지수가 d 먼저 선택되면 공개 지수가 e 는 와 같은 크기 차수여야 합니다(N). Sunet al. 불균형 소인수를 사용하여 세 가지 RSA 변형을 고안했습니다. p 및 q 계산 비용을 낮추기 위해. 불행하게도 Durfee와 Nguyen은 삼변량 모듈 다항식 방정식에 대한 작은 근을 풀어서 첫 번째와 세 번째 변형의 예시된 인스턴스를 깨뜨렸습니다. 그들은 또한 불균형 소수를 갖는 사례가 있음을 나타냈습니다. p 및 q 균형 잡힌 인스턴스보다 더 안전하지 않습니다. p 및 q. 이 조사는 균형 잡힌 새로운 RSA 변형을 설계하는 데 중점을 둡니다. p 및 q및 짧은 지수 d 및 e, Durfee & Nguyen의 공격 및 기타 기존 공격에 대한 RSA 변종의 보안을 향상합니다. 또한 제안된 변형(Scheme A)은 또 다른 RSA 변형(Scheme B)으로 확장됩니다. p 및 q 균형이 잡혀 있고, 길이 사이의 균형이 잡혀 있습니다. d 및 e 활성화됩니다. 또한 제안된 방식에 대한 보안 분석 및 타당성 분석을 제공합니다.
RSA, 암호화, 디지털 서명, 공개키 암호화 시스템
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
부
Hung-Min SUN, Cheng-Ta YANG, Mu-En WU, "Short-Exponent RSA" in IEICE TRANSACTIONS on Fundamentals,
vol. E92-A, no. 3, pp. 912-918, March 2009, doi: 10.1587/transfun.E92.A.912.
Abstract: In some applications, a short private exponent d is chosen to improve the decryption or signing process for RSA public key cryptosystem. However, in a typical RSA, if the private exponent d is selected first, the public exponent e should be of the same order of magnitude as φ(N). Sun et al. devised three RSA variants using unbalanced prime factors p and q to lower the computational cost. Unfortunately, Durfee & Nguyen broke the illustrated instances of the first and third variants by solving small roots to trivariate modular polynomial equations. They also indicated that the instances with unbalanced primes p and q are more insecure than the instances with balanced p and q. This investigation focuses on designing a new RSA variant with balanced p and q, and short exponents d and e, to improve the security of an RSA variant against the Durfee & Nguyen's attack, and the other existing attacks. Furthermore, the proposed variant (Scheme A) is also extended to another RSA variant (Scheme B) in which p and q are balanced, and a trade-off between the lengths of d and e is enable. In addition, we provide the security analysis and feasibility analysis of the proposed schemes.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E92.A.912/_p
부
@ARTICLE{e92-a_3_912,
author={Hung-Min SUN, Cheng-Ta YANG, Mu-En WU, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Short-Exponent RSA},
year={2009},
volume={E92-A},
number={3},
pages={912-918},
abstract={In some applications, a short private exponent d is chosen to improve the decryption or signing process for RSA public key cryptosystem. However, in a typical RSA, if the private exponent d is selected first, the public exponent e should be of the same order of magnitude as φ(N). Sun et al. devised three RSA variants using unbalanced prime factors p and q to lower the computational cost. Unfortunately, Durfee & Nguyen broke the illustrated instances of the first and third variants by solving small roots to trivariate modular polynomial equations. They also indicated that the instances with unbalanced primes p and q are more insecure than the instances with balanced p and q. This investigation focuses on designing a new RSA variant with balanced p and q, and short exponents d and e, to improve the security of an RSA variant against the Durfee & Nguyen's attack, and the other existing attacks. Furthermore, the proposed variant (Scheme A) is also extended to another RSA variant (Scheme B) in which p and q are balanced, and a trade-off between the lengths of d and e is enable. In addition, we provide the security analysis and feasibility analysis of the proposed schemes.},
keywords={},
doi={10.1587/transfun.E92.A.912},
ISSN={1745-1337},
month={March},}
부
TY - JOUR
TI - Short-Exponent RSA
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 912
EP - 918
AU - Hung-Min SUN
AU - Cheng-Ta YANG
AU - Mu-En WU
PY - 2009
DO - 10.1587/transfun.E92.A.912
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E92-A
IS - 3
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - March 2009
AB - In some applications, a short private exponent d is chosen to improve the decryption or signing process for RSA public key cryptosystem. However, in a typical RSA, if the private exponent d is selected first, the public exponent e should be of the same order of magnitude as φ(N). Sun et al. devised three RSA variants using unbalanced prime factors p and q to lower the computational cost. Unfortunately, Durfee & Nguyen broke the illustrated instances of the first and third variants by solving small roots to trivariate modular polynomial equations. They also indicated that the instances with unbalanced primes p and q are more insecure than the instances with balanced p and q. This investigation focuses on designing a new RSA variant with balanced p and q, and short exponents d and e, to improve the security of an RSA variant against the Durfee & Nguyen's attack, and the other existing attacks. Furthermore, the proposed variant (Scheme A) is also extended to another RSA variant (Scheme B) in which p and q are balanced, and a trade-off between the lengths of d and e is enable. In addition, we provide the security analysis and feasibility analysis of the proposed schemes.
ER -