---------- Forwarded message ----------
Date: Thu, 24 Jan 2002 23:11:44 -0800
From: Bill Stewart <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RSA Attacks - Talk at Stanford - 1/28/2002 4PM (fwd)

Looks like an interesting talk!

---------- Forwarded message ----------
Date: Thu, 24 Jan 2002 16:52:35 -0800 (PST)
From: Glenn Durfee <[EMAIL PROTECTED]>
Subject: Ph.D. Oral Exam: Monday, January 28, 4PM

Algebraic Cryptanalysis

Glenn Durfee
Department of Computer Science
Stanford University

Gates Building, Room 498
Monday, Jan. 28th, 2002
4:00 PM - 5:00 PM

In this talk we study the security of the widely-used RSA public key cryptosystem. RSA is used in the SSL protocol for security on the Internet, and the SET protocol used by Visa for secure credit card transactions.

This talk outlines several cryptanalytic results on the RSA public key cryptosystem and variants. We obtain our results using tools from the theory of integer lattices.

We begin by introducing a novel algorithm for the factorization of a class of integers related closely to RSA moduli, showing a new class of integers can be efficiently factored. We go on to introduce new attacks on the RSA public key cryptosystem which take advantage of partial knowledge of a user's secret key, showing that in low public exponent RSA, leaking the quarter least significant bits of the secret key is sufficient to compromise RSA. Similar results (though not as strong) hold for larger values of the public key. Next we describe a new attack on the RSA public key cryptosystem when a short secret exponent is used, extending previous bounds for short secret exponent vulnerability. Lastly, we describe the Sun-Yang-Laih RSA key generation schemes, and introduce attacks to break two out of three of these schemes.

This message was sent via the Stanford Computer Science Department colloquium mailing list.