The security of individual RSA bits

Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No.98CB36280) Pub Date : 1998-11-08 DOI:10.1109/SFCS.1998.743502

J. Håstad, M. Näslund

引用次数: 48

Abstract

We study the security of individual bits in an RSA encrypted message E/sub N/(X). We show that given E/sub N/(X), predicting any single bit in x with only a non-negligible advantage over the trivial guessing strategy is (through a polynomial time reduction) as hard as breaking RSA. We briefly discuss a related result for bit security of the discrete logarithm.

查看原文本刊更多论文

单个RSA位的安全性

我们研究了RSA加密消息E/sub N/(X)中单个比特的安全性。我们表明，给定E/sub N/(X)，预测X中的任何单个比特，仅比平凡的猜测策略具有不可忽略的优势(通过多项式时间减少)与破解RSA一样困难。我们简要地讨论了离散对数的位安全性的一个相关结果。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No.98CB36280)

自引率

0.00%

发文量