The Wiener attack on RSA revisited: A quest for the exact bound
Since Wiener pointed out that the RSA can be broken if the private exponent d is relatively small compared to the modulus N (using the continued fraction technique), it has been a general belief that the Wiener attack works for. On the contrary, in this work, we give an example where the Wiener atta...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2019
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/7408 https://ink.library.smu.edu.sg/context/sis_research/article/8411/viewcontent/The_Wiener_Attack_on_RSA_Revisited.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-8411 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-84112023-08-11T05:12:42Z The Wiener attack on RSA revisited: A quest for the exact bound SUSILO, Willy TONIEN, Joseph YANG, Guomin Since Wiener pointed out that the RSA can be broken if the private exponent d is relatively small compared to the modulus N (using the continued fraction technique), it has been a general belief that the Wiener attack works for. On the contrary, in this work, we give an example where the Wiener attack fails with, thus, showing that the bound is not accurate as it has been thought of. By using the classical Legendre Theorem on continued fractions, in 1999 Boneh provided the first rigorous proof which showed that the Wiener attack works for. However, the question remains whether is the best bound for the Wiener attack. Additionally, the question whether another rigorous proof for a better bound exists remains an elusive research problem. In this paper, we attempt to answer the aforementioned problems by improving Boneh’s bound after the two decades of research. By a new proof, we show that the Wiener continued fraction technique works for a wider range, namely, for. Our new analysis is supported by an experimental result where it is shown that the Wiener attack can successfully perform the factorization on the RSA modulus N and determine a private key d where. 2019-07-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/7408 info:doi/10.1007/978-3-030-21548-4_21 https://ink.library.smu.edu.sg/context/sis_research/article/8411/viewcontent/The_Wiener_Attack_on_RSA_Revisited.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University RSA Continued fractions Wiener technique Small secret exponent Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
RSA Continued fractions Wiener technique Small secret exponent Information Security |
| spellingShingle |
RSA Continued fractions Wiener technique Small secret exponent Information Security SUSILO, Willy TONIEN, Joseph YANG, Guomin The Wiener attack on RSA revisited: A quest for the exact bound |
| description |
Since Wiener pointed out that the RSA can be broken if the private exponent d is relatively small compared to the modulus N (using the continued fraction technique), it has been a general belief that the Wiener attack works for. On the contrary, in this work, we give an example where the Wiener attack fails with, thus, showing that the bound is not accurate as it has been thought of. By using the classical Legendre Theorem on continued fractions, in 1999 Boneh provided the first rigorous proof which showed that the Wiener attack works for. However, the question remains whether is the best bound for the Wiener attack. Additionally, the question whether another rigorous proof for a better bound exists remains an elusive research problem. In this paper, we attempt to answer the aforementioned problems by improving Boneh’s bound after the two decades of research. By a new proof, we show that the Wiener continued fraction technique works for a wider range, namely, for. Our new analysis is supported by an experimental result where it is shown that the Wiener attack can successfully perform the factorization on the RSA modulus N and determine a private key d where. |
| format |
text |
| author |
SUSILO, Willy TONIEN, Joseph YANG, Guomin |
| author_facet |
SUSILO, Willy TONIEN, Joseph YANG, Guomin |
| author_sort |
SUSILO, Willy |
| title |
The Wiener attack on RSA revisited: A quest for the exact bound |
| title_short |
The Wiener attack on RSA revisited: A quest for the exact bound |
| title_full |
The Wiener attack on RSA revisited: A quest for the exact bound |
| title_fullStr |
The Wiener attack on RSA revisited: A quest for the exact bound |
| title_full_unstemmed |
The Wiener attack on RSA revisited: A quest for the exact bound |
| title_sort |
wiener attack on rsa revisited: a quest for the exact bound |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2019 |
| url |
https://ink.library.smu.edu.sg/sis_research/7408 https://ink.library.smu.edu.sg/context/sis_research/article/8411/viewcontent/The_Wiener_Attack_on_RSA_Revisited.pdf |
| _version_ |
1779156844417122304 |