Cryptanalysis of RSA with private key d less than N/sup 0.292/ 论文
2000IEEE Transactions on Information Theory引用 394
Cryptography and Data SecurityCoding theory and cryptographyCryptographic Implementations and Security
摘要
We show that if the private exponent d used in the RSA (Rivest-Shamir-Adleman (1978)) public-key cryptosystem is less than N/sup 0.292/ then the system is insecure. This is the first improvement over an old result of Wiener (1990) showing that when d is less than N/sup 0.25/ the RSA system is insecure. We hope our approach can be used to eventually improve the bound to d less than N/sup 0.5/.