New vulnerability of RSA modulus type N = p2q
This paper proposes new attacks on modulus of type N = p2q. Given k moduli of the form Ni = p2iqi for k ≥ 2 and i = 1, …, k, the attack works when k public keys (Ni, ei) are such that there exist k relations of the shape eix – Niyi = zi – (ap2i + bq2i)yi or of the shape eixi – Niy = zi – (ap2i + bq2...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Institute for Mathematical Research, Universiti Putra Malaysia
2017
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/58178/ http://psasir.upm.edu.my/id/eprint/58178/1/75-88.pdf |
| Summary: | This paper proposes new attacks on modulus of type N = p2q. Given k moduli of the form Ni = p2iqi for k ≥ 2 and i = 1, …, k, the attack works when k public keys (Ni, ei) are such that there exist k relations of the shape eix – Niyi = zi – (ap2i + bq2i)yi or of the shape eixi – Niy = zi – (ap2i + bq2i)y where the parameters x, xi, y, yi and zi are suitably small in terms of the prime factors of the moduli. The proposed attacks utilizing the LLL algorithm enables one to factor the k moduli Ni simultaneously. |
|---|