Wan Nur Aqlili Ruzai , Muhammad Rezal Kamel Ariffin , Muhammad Asyraf Asbullah , Amir Hamzah Abd Ghafar
{"title":"对广义 RSA 密钥方程的新同步 Diophantine 攻击","authors":"Wan Nur Aqlili Ruzai , Muhammad Rezal Kamel Ariffin , Muhammad Asyraf Asbullah , Amir Hamzah Abd Ghafar","doi":"10.1016/j.jksuci.2024.102074","DOIUrl":null,"url":null,"abstract":"<div><p>RSA stands as a widely adopted method within asymmetric cryptography, commonly applied for digital signature validation and message encryption. The security of RSA relies on the challenge of integer factorization, a problem considered either computationally infeasible or highly intricate, especially when dealing with sufficiently large security parameters. Effective exploits of the integer factorization problem in RSA can allow an adversary to assume the identity of the key holder and decrypt such confidential messages. The keys employed in secure hardware are particularly significant due to the typically greater value of the information they safeguard, such as in the context of securing payment transactions. In general, RSA faces various attacks exploiting weaknesses in its key equations. This paper introduces a new vulnerability that enables the concurrent factorization of multiple RSA moduli. By working with pairs <span><math><mrow><mo>(</mo><msub><mrow><mi>N</mi></mrow><mrow><mi>i</mi></mrow></msub><mo>,</mo><msub><mrow><mi>e</mi></mrow><mrow><mi>i</mi></mrow></msub><mo>)</mo></mrow></math></span> and a fixed value <span><math><mi>y</mi></math></span> satisfying the Diophantine equation <span><math><mrow><msub><mrow><mi>e</mi></mrow><mrow><mi>i</mi></mrow></msub><msubsup><mrow><mi>x</mi></mrow><mrow><mi>i</mi></mrow><mrow><mn>2</mn></mrow></msubsup><mo>−</mo><msup><mrow><mi>y</mi></mrow><mrow><mn>2</mn></mrow></msup><mi>ϕ</mi><mrow><mo>(</mo><msub><mrow><mi>N</mi></mrow><mrow><mi>i</mi></mrow></msub><mo>)</mo></mrow><mo>=</mo><msub><mrow><mi>z</mi></mrow><mrow><mi>i</mi></mrow></msub></mrow></math></span>, we successfully factorized these moduli simultaneously using the lattice basis reduction technique. Notably, our research expands the scope of RSA decryption exponents considered as insecure.</p></div>","PeriodicalId":48547,"journal":{"name":"Journal of King Saud University-Computer and Information Sciences","volume":null,"pages":null},"PeriodicalIF":5.2000,"publicationDate":"2024-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S1319157824001630/pdfft?md5=44eab7f8011fba6e4c09c111ca655fc8&pid=1-s2.0-S1319157824001630-main.pdf","citationCount":"0","resultStr":"{\"title\":\"New simultaneous Diophantine attacks on generalized RSA key equations\",\"authors\":\"Wan Nur Aqlili Ruzai , Muhammad Rezal Kamel Ariffin , Muhammad Asyraf Asbullah , Amir Hamzah Abd Ghafar\",\"doi\":\"10.1016/j.jksuci.2024.102074\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>RSA stands as a widely adopted method within asymmetric cryptography, commonly applied for digital signature validation and message encryption. The security of RSA relies on the challenge of integer factorization, a problem considered either computationally infeasible or highly intricate, especially when dealing with sufficiently large security parameters. Effective exploits of the integer factorization problem in RSA can allow an adversary to assume the identity of the key holder and decrypt such confidential messages. The keys employed in secure hardware are particularly significant due to the typically greater value of the information they safeguard, such as in the context of securing payment transactions. In general, RSA faces various attacks exploiting weaknesses in its key equations. This paper introduces a new vulnerability that enables the concurrent factorization of multiple RSA moduli. By working with pairs <span><math><mrow><mo>(</mo><msub><mrow><mi>N</mi></mrow><mrow><mi>i</mi></mrow></msub><mo>,</mo><msub><mrow><mi>e</mi></mrow><mrow><mi>i</mi></mrow></msub><mo>)</mo></mrow></math></span> and a fixed value <span><math><mi>y</mi></math></span> satisfying the Diophantine equation <span><math><mrow><msub><mrow><mi>e</mi></mrow><mrow><mi>i</mi></mrow></msub><msubsup><mrow><mi>x</mi></mrow><mrow><mi>i</mi></mrow><mrow><mn>2</mn></mrow></msubsup><mo>−</mo><msup><mrow><mi>y</mi></mrow><mrow><mn>2</mn></mrow></msup><mi>ϕ</mi><mrow><mo>(</mo><msub><mrow><mi>N</mi></mrow><mrow><mi>i</mi></mrow></msub><mo>)</mo></mrow><mo>=</mo><msub><mrow><mi>z</mi></mrow><mrow><mi>i</mi></mrow></msub></mrow></math></span>, we successfully factorized these moduli simultaneously using the lattice basis reduction technique. Notably, our research expands the scope of RSA decryption exponents considered as insecure.</p></div>\",\"PeriodicalId\":48547,\"journal\":{\"name\":\"Journal of King Saud University-Computer and Information Sciences\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":5.2000,\"publicationDate\":\"2024-05-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.sciencedirect.com/science/article/pii/S1319157824001630/pdfft?md5=44eab7f8011fba6e4c09c111ca655fc8&pid=1-s2.0-S1319157824001630-main.pdf\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of King Saud University-Computer and Information Sciences\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1319157824001630\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of King Saud University-Computer and Information Sciences","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1319157824001630","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
New simultaneous Diophantine attacks on generalized RSA key equations
RSA stands as a widely adopted method within asymmetric cryptography, commonly applied for digital signature validation and message encryption. The security of RSA relies on the challenge of integer factorization, a problem considered either computationally infeasible or highly intricate, especially when dealing with sufficiently large security parameters. Effective exploits of the integer factorization problem in RSA can allow an adversary to assume the identity of the key holder and decrypt such confidential messages. The keys employed in secure hardware are particularly significant due to the typically greater value of the information they safeguard, such as in the context of securing payment transactions. In general, RSA faces various attacks exploiting weaknesses in its key equations. This paper introduces a new vulnerability that enables the concurrent factorization of multiple RSA moduli. By working with pairs and a fixed value satisfying the Diophantine equation , we successfully factorized these moduli simultaneously using the lattice basis reduction technique. Notably, our research expands the scope of RSA decryption exponents considered as insecure.
期刊介绍:
In 2022 the Journal of King Saud University - Computer and Information Sciences will become an author paid open access journal. Authors who submit their manuscript after October 31st 2021 will be asked to pay an Article Processing Charge (APC) after acceptance of their paper to make their work immediately, permanently, and freely accessible to all. The Journal of King Saud University Computer and Information Sciences is a refereed, international journal that covers all aspects of both foundations of computer and its practical applications.