| RSA密码系统小CRT解密指数的攻击分析 |
| |
| 引用本文: | 韩立东,王小云,许光午.RSA密码系统小CRT解密指数的攻击分析[J].中国科学:信息科学,2011(2). |
| |
| 作者姓名: | 韩立东 王小云 许光午 |
| |
| 作者单位: | 山东大学密码技术与信息安全教育部重点实验室;山东大学数学学院;清华大学高等研究院;Department;Electrical;Engineering;Computer;Science;University;Wisconsin-Milwaukee;Milwaukee;WI53201; |
| |
| 基金项目: | 国家自然科学基金(批准号:60910118); 国家重点基础研究发展计划(批准号:2007CB807902); 清华大学自主科研计划(批准号:2009THZ01002)资助项目 |
| |
| 摘 要: | 本文旨在讨论使用中国剩余定理(CRT)表示解密指数的RSA系统.由于中国剩余定理表示可被用来提高计算速度,这样的系统具有很高的实际应用价值.文中主要分析当前文献中一个对具有小CRT解密指数的RSA系统的攻击.本文指出,该攻击巧妙地运用了格理论,但其中某些论断一般是不正确的,并为此提供了几个反例.本文改进并完善了这个小CRT解密指数的攻击方法.
|
| 关 键 词: | RSA 中国剩余定理 密码分析 连分数 格归约 |
On an attack on RSA with small CRT-exponents |
| |
| HAN LiDong,WANG XiaoYun & XU GuangWu, Key Laboratory of Cryptologic Technology , Information Security,Ministry of Education,Sh,ong University,Jinan ,China, School of Mathematics, Institute for Advanced Study,Tsinghua University,Beijing.On an attack on RSA with small CRT-exponents[J].Scientia Sinica Informationis,2011(2). |
| |
| Authors: | HAN LiDong WANG XiaoYun & XU GuangWu Key Laboratory of Cryptologic Technology Information Security Ministry of Education Sh ong University Jinan China School of Mathematics Institute for Advanced Study Tsinghua University Beijing |
| |
| Affiliation: | HAN LiDong1,2,WANG XiaoYun3 & XU GuangWu3,4 1 Key Laboratory of Cryptologic Technology and Information Security,Ministry of Education,Shandong University,Jinan 250100,China,2 School of Mathematics,3 Institute for Advanced Study,Tsinghua University,Beijing 100084,4 Department of Electrical Engineering and Computer Science,University of Wisconsin-Milwaukee,Milwaukee,WI 53201,USA |
| |
| Abstract: | This paper concerns the RSA system with private CRT-exponents.Since Chinese remainder representation provides efficiency in computation,such system is of some practical significance.In this paper,an existing attack to small private CRT-exponents is analyzed.It is indicated that this attack makes nice use of lattice in RSA analysis,but some argument does not hold in general.Several counterexamples are constructed.Refinements and more precise statements of the attack are given. |
| |
| Keywords: | RSA CRT cryptanalysis continued fraction lattice reduction |
| 本文献已被 CNKI 等数据库收录! |
|
