A security analysis of two classes of RSA-like cryptosystems

• Published in: Journal of mathematical cryptology Vol. 18; no. 1; pp. 120 - 6
• Main Authors: Cotan, Paul, Teşeleanu, George
• Format: Journal Article
• Language: English
• Published: Berlin De Gruyter 28.09.2024; Walter de Gruyter GmbH
• Subjects: 11A55; 94A60; Computer science; Computer systems; continued fractions; Digital imaging; Digital signatures; Prime numbers; Rational functions; RSA; Security; small private key attack
• ISSN: 1862-2984; 1862-2976; 1862-2984
• DOI: 10.1515/jmc-2024-0013

Let be the product of two balanced prime numbers and . In Elkamchouchi et al. ( . In: ICCS 2002. vol. 1. IEEE Computer Society; 2002. p. 91–5.) introduced an Rivest-Shamir-Adleman (RSA)-like cryptosystem that uses the key equation , instead of the classical RSA key equation . Another variant of RSA, presented in Murru and Saettone ( . In: NuTMiC 2017. vol. 10737 of Lecture Notes in Computer Science. Springer; 2017. p. 91–103), uses the key equation . Despite the authors’ claims of enhanced security, both schemes remain vulnerable to adaptations of common RSA attacks. Let be an integer. This article proposes two families of RSA-like encryption schemes: one employs the key equation for , while the other uses for . Note that we remove the conventional assumption of primes having equal bit sizes. In this scenario, we show that regardless of the choice of , continued fraction-based attacks can still recover the secret exponent. Additionally, this work fills a gap in the literature by establishing an equivalent of Wiener’s attack when the primes do not have the same bit size.