## Further Attacks on Server-Aided RSA Cryptosystems (1998)

by James Mckee, Richard Pinch

Citations: 6 - 1 self

### BibTeX

@MISC{Mckee98furtherattacks,

author = {James Mckee and Richard Pinch},

title = {Further Attacks on Server-Aided RSA Cryptosystems},

year = {1998}

}

### Abstract

Lim and Lee [5] describe protocols for server-aided RSA digital signatures involving moduli $N$ with special structure: $N = pq$ where $p$ and $q$ are both of order $N^{1/2}$, and $p - 1$ and $q - 1$ have a large common factor $\beta$. We describe a method to factor such numbers in time $O(N^{1/4}/\beta)$ and show that this renders the proposed system insecure.

1. Introduction

Lim and Lee [5] describe protocols for server-aided RSA digital signatures involving moduli $N$ with special structure: $N = pq$ where $p - 1$ and $q - 1$ have a large common factor $\beta$. As usual, $p$ and $q$ are both of order $N^{1/2}$. The authors claim that "there exists no known algorithm for factoring $N$ (for $|N|$ 512) with knowledge of $\beta$ of size 64 80." We shall show that this claim is incorrect: we describe a method to factor such numbers in time $O(N^{1/4}/\beta)$ which renders the proposed system insecure.

2. The proposed cryptosystem

Lim and Lee [5] discuss server-aided RSA signat...
