Converse results to the Wiener attack on RSA

Steinfeld, Ron, Contini, Scott, Wang, Huaxiong, & Pieprzyk, Josef (2005) Converse results to the Wiener attack on RSA. Public Key Cryptography - PKC 2005, 3386, pp. 184-198.

View at publisher

Abstract

A well-known attack on RSA with low secret-exponent d was given by Wiener about 15 years ago. Wiener showed that using continued fractions, one can efficiently recover the secret-exponent d from the public key (N,e) as long as d < N 1/4. Interestingly, Wiener stated that his attack may sometimes also work when d is slightly larger than N 1/4. This raises the question of how much larger d can be: could the attack work with non-negligible probability for d=N 1/4 + ρ for some constant ρ > 0? We answer this question in the negative by proving a converse to Wiener’s result. Our result shows that, for any fixed ε > 0 and all sufficiently large modulus lengths, Wiener’s attack succeeds with negligible probability over a random choice of d < N δ (in an interval of size Ω(N δ )) as soon as δ > 1/4 + ε. Thus Wiener’s success bound d<N 1/4 for his algorithm is essentially tight. We also obtain a converse result for a natural class of extensions of the Wiener attack, which are guaranteed to succeed even when δ > 1/4. The known attacks in this class (by Verheul and Van Tilborg and Dujella) run in exponential time, so it is natural to ask whether there exists an attack in this class with subexponential run-time. Our second converse result answers this question also in the negative.

Impact and interest:

6 citations in Scopus
Search Google Scholar™
6 citations in Web of Science®

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

ID Code: 73351
Item Type: Journal Article
Refereed: Yes
Additional Information: An issue of Lecture Notes in Computer Science for the 8th International Workshop on Theory and Practice in Public Key Cryptography, Les Diablerets, Switzerland, January 23-26, 2005. Proceedings; ISBN: 978-3-540-24454-7
DOI: 10.1007/978-3-540-30580-4_13
ISSN: 0302-9743
Divisions: Current > QUT Faculties and Divisions > Science & Engineering Faculty
Deposited On: 04 Jul 2014 01:12
Last Modified: 07 Jul 2014 02:12

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page