Journal of Information Security and Applications ( IF 3.8 ) Pub Date : 2020-05-16 , DOI: 10.1016/j.jisa.2020.102531 Willy Susilo , Joseph Tonien , Guomin Yang
Since Wiener pointed out that the RSA can be broken if the private exponent d is relatively small compared to the modulus N, it has been a general belief that the Wiener attack works for . On the contrary, in [1], it was shown that the bound is not accurate as it has been thought of. Specifically, for the standard assumption of the two primes p and q that q < p < 2q, the Wiener continued fraction technique is proven to work for . In this paper, we consider a general condition on the RSA primes, namely q < p < α q, and we give the corresponding bound for the Wiener attack to work, which is . In a special case when this general bound agrees with the result of [1].
中文翻译:
RSA的Wiener攻击的广义边界
由于Wiener指出,如果私有指数d与模数N相比较小,则RSA可能会被破坏,因此人们普遍认为Wiener攻击适用于。相反,在[1]中表明正如所想到的那样不准确。具体地,对于两个素数的标准假设p和q的是q < p <2 q,维纳连分数技术被证明工作。在本文中,我们考虑对RSA素数的一般条件,即q < p < α q,我们给出相应的约束维纳攻击工作,这是。在特殊情况下 该一般界限与[1]的结果一致。