Sciweavers

Share
PKC
2011
Springer

Cryptanalysis of the RSA Subgroup Assumption from TCC 2005

7 years 9 months ago
Cryptanalysis of the RSA Subgroup Assumption from TCC 2005
At TCC 2005, Groth underlined the usefulness of working in small RSA subgroups of hidden order. In assessing the security of the relevant hard problems, however, the best attack considered for a subgroup of size 22 had a complexity of O(2 ). Accordingly, = 100 bits was suggested as a concrete parameter. This paper exhibits an attack with a complexity of roughly 2 /2 operations, suggesting that Groth’s original choice of parameters was overly aggressive. It also discusses the practicality of this new attack and various implementation issues. Key-words: rsa moduli, hidden order, subgroup, cryptanalysis.
Jean-Sébastien Coron, Antoine Joux, Avradip
Added 17 Sep 2011
Updated 17 Sep 2011
Type Journal
Year 2011
Where PKC
Authors Jean-Sébastien Coron, Antoine Joux, Avradip Mandal, David Naccache, Mehdi Tibouchi
Comments (0)
books