Concurrent factorization of RSA moduli via weak key equations
The Rivest-Shamir-Adleman (RSA) algorithm is a widely utilized technique in asymmetric cryptography, primarily for verifying digital signatures and encrypting messages. Its security relies on the integer factorization problem’s difficulty, which is computationally infeasible with large security para...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
American Institute of Mathematical Sciences
2024
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/114924/ http://psasir.upm.edu.my/id/eprint/114924/1/114924.pdf |
| _version_ | 1848866635779145728 |
|---|---|
| author | Ruzai, Wan Nur Aqlili Ying, You Muhammad, Khairun Nisak Asbullah, Muhammad Asyraf Ariffin, Muhammad Rezal Kamel |
| author_facet | Ruzai, Wan Nur Aqlili Ying, You Muhammad, Khairun Nisak Asbullah, Muhammad Asyraf Ariffin, Muhammad Rezal Kamel |
| author_sort | Ruzai, Wan Nur Aqlili |
| building | UPM Institutional Repository |
| collection | Online Access |
| description | The Rivest-Shamir-Adleman (RSA) algorithm is a widely utilized technique in asymmetric cryptography, primarily for verifying digital signatures and encrypting messages. Its security relies on the integer factorization problem’s difficulty, which is computationally infeasible with large security parameters. However, this study revealed scenarios where an attacker can concurrently factorize multiple RSA moduli Ni = piqi under specific conditions. The attack is feasible when the attacker possesses a set of RSA key pairs with certain flaws, allowing each Ni to be factored in polynomial time. We identified vulnerabilities in RSA keys that satisfy particular equations by applying Diophantine approximation and Coppersmith’s lattice-based technique. For instance, the study demonstrates that if RSA public exponents ei and moduli Ni adhere to eir − (Ni − pi − qi + ui)si = ti, where r, si, ui, and ti are small integers, then all Ni can be factorized simultaneously. Additionally, another vulnerability arises when RSA parameters satisfy eiri − s(Ni − pi − qi + ui) = ti, enabling concurrent factorization with small integers s, ri, ui, and ti. This research expands the understanding of RSA security by identifying specific conditions under which RSA public-key pairs can be compromised. These findings are relevant to the broader field of cryptography and the ongoing efforts to secure communication systems against sophisticated adversaries. |
| first_indexed | 2025-11-15T14:23:44Z |
| format | Article |
| id | upm-114924 |
| institution | Universiti Putra Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T14:23:44Z |
| publishDate | 2024 |
| publisher | American Institute of Mathematical Sciences |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | upm-1149242025-02-12T02:21:50Z http://psasir.upm.edu.my/id/eprint/114924/ Concurrent factorization of RSA moduli via weak key equations Ruzai, Wan Nur Aqlili Ying, You Muhammad, Khairun Nisak Asbullah, Muhammad Asyraf Ariffin, Muhammad Rezal Kamel The Rivest-Shamir-Adleman (RSA) algorithm is a widely utilized technique in asymmetric cryptography, primarily for verifying digital signatures and encrypting messages. Its security relies on the integer factorization problem’s difficulty, which is computationally infeasible with large security parameters. However, this study revealed scenarios where an attacker can concurrently factorize multiple RSA moduli Ni = piqi under specific conditions. The attack is feasible when the attacker possesses a set of RSA key pairs with certain flaws, allowing each Ni to be factored in polynomial time. We identified vulnerabilities in RSA keys that satisfy particular equations by applying Diophantine approximation and Coppersmith’s lattice-based technique. For instance, the study demonstrates that if RSA public exponents ei and moduli Ni adhere to eir − (Ni − pi − qi + ui)si = ti, where r, si, ui, and ti are small integers, then all Ni can be factorized simultaneously. Additionally, another vulnerability arises when RSA parameters satisfy eiri − s(Ni − pi − qi + ui) = ti, enabling concurrent factorization with small integers s, ri, ui, and ti. This research expands the understanding of RSA security by identifying specific conditions under which RSA public-key pairs can be compromised. These findings are relevant to the broader field of cryptography and the ongoing efforts to secure communication systems against sophisticated adversaries. American Institute of Mathematical Sciences 2024-09-29 Article PeerReviewed text en cc_by_4 http://psasir.upm.edu.my/id/eprint/114924/1/114924.pdf Ruzai, Wan Nur Aqlili and Ying, You and Muhammad, Khairun Nisak and Asbullah, Muhammad Asyraf and Ariffin, Muhammad Rezal Kamel (2024) Concurrent factorization of RSA moduli via weak key equations. AIMS Mathematics, 9 (10). pp. 28211-28231. ISSN 2473-6988; eISSN: 2473-6988 http://www.aimspress.com/article/doi/10.3934/math.20241368 10.3934/math.20241368 |
| spellingShingle | Ruzai, Wan Nur Aqlili Ying, You Muhammad, Khairun Nisak Asbullah, Muhammad Asyraf Ariffin, Muhammad Rezal Kamel Concurrent factorization of RSA moduli via weak key equations |
| title | Concurrent factorization of RSA moduli via weak key equations |
| title_full | Concurrent factorization of RSA moduli via weak key equations |
| title_fullStr | Concurrent factorization of RSA moduli via weak key equations |
| title_full_unstemmed | Concurrent factorization of RSA moduli via weak key equations |
| title_short | Concurrent factorization of RSA moduli via weak key equations |
| title_sort | concurrent factorization of rsa moduli via weak key equations |
| url | http://psasir.upm.edu.my/id/eprint/114924/ http://psasir.upm.edu.my/id/eprint/114924/ http://psasir.upm.edu.my/id/eprint/114924/ http://psasir.upm.edu.my/id/eprint/114924/1/114924.pdf |