ZHOU Yi,SHEN Hai-bin,FAN Jun-feng

DOI: https://doi.org/10.3969/j.issn.1671-7147.2006.06.015

2006-01-01

Abstract:RSA is a time-consumed algorithm and is always implemented by using Montgomery multiplication algorithm.The paper develops a two-stage Montgomery multiplication algorithm and presents a high speed scalable hardware implementation based on the algorithm described for the RSA computation.High-radix,2~(64) is used in the algorithm.Compared with other Montgomery multiplication algorithm,the performance of RSA algorithm is highly improved.In hardware area,based on three pipelined 64×64 bit multiplier,five pipelined process unit is designed.Its architecture gives enough freedom to select the operand length to be used.It can implement multi RSA operation such as 1 024 bit,2 048 bit.In the 1 024 bit condition,its encrypt speed can reach 8 800 times per second.The system simulation and tapeout is based on SIMC0.18 technology.

Sapna Saxena,Bhanu Kapoor

DOI: https://doi.org/10.48550/arXiv.1503.03593

2015-03-12

Abstract:RSA is one of the most popular Public Key Cryptography based algorithm mainly used for digital signatures, encryption/decryption etc. It is based on the mathematical scheme of factorization of very large integers which is a compute-intensive process and takes very long time as well as power to perform. Several scientists are working throughout the world to increase the speedup and to decrease the power consumption of RSA algorithm while keeping the security of the algorithm intact. One popular technique which can be used to enhance the performance of RSA is parallel programming. In this paper we are presenting the survey of various parallel implementations of RSA algorithm involving variety of hardware and software implementations.

Cryptography and Security

Li Qing,Li Xiongwei,Jin Tao

DOI: https://doi.org/10.3969/j.issn.1009-6833.2007.06.037

2007-01-01

Abstract:The RSA algorithm is the broadest applied public key cryptosystems at present.Its security is dependent on big prime number factorizations difficulty.As for average application system,efficiency is also not to admit ignoring.The article comes true to generating what secret key process middle requires a parameter to carry out analysis and discuss that,and having carried out whit C programming language on public RSA key encryption algorithm combining with an example.

Hung-Min Sun,Cheng-Ta Yang,Mu-En Wu

DOI: https://doi.org/10.1587/transfun.e92.a.912

2009-01-01

Abstract:In some applications, a short private exponent d is chosen to improve the decryption or signing process for RSA public key cryptosystem. However. in a typical RSA, if the private exponent d is selected first, the public exponent e should be of the same order Of magnitude as phi(N). Sun et al. devised three RSA variants Using unbalanced prime factors p and q to lower the computational cost. Unfortunately. Durfee & Nguyen broke the illustrated instances of the first and third variants by solving small roots to trivariate modular polynomial equations. They also indicated that the instances With Unbalanced primes p and q are more insecure than the instances with balanced p and q. This investigation focuses on designing a new RSA variant with balanced p and q, and short exponents d and e, to improve the Security of an RSA variant against the Durfee & Nguyen's attack, and the other existing attacks. Furthermore, the proposed variant (Scheme A) is also extended to another RSA variant (Scheme B) in which p and q are balanced, and a trade-off between the lengths of d and e is enable. In addition, We provide the security analysis and feasibility analysis of the proposed schemes.

Soeren Kleine,Andreas Nickel,Torben Ritter,Krishnan Shankar

2024-03-25

Abstract:We introduce a new probabilistic public-key cryptosystem which combines the main ingredients of the well-known RSA and Rabin cryptosystems. We investigate the security and performance of our new scheme in comparison to the other two.

Cryptography and Security,Number Theory

Falowo O. Mojisola,Sanjay Misra,C. Falayi Febisola,Olusola Abayomi-Alli,Gokhan Sengul

DOI: https://doi.org/10.1016/j.eij.2022.02.001

IF: 4.195

2022-03-01

Egyptian Informatics Journal

Abstract:The recent innovations in network application and the internet have made data and network security the major role in data communication system development. Cryptography is one of the outstanding and powerful tools for ensuring data and network security. In cryptography, randomization of encrypted data increases the security level as well as the Computational Complexity of cryptographic algorithms involved. This research study provides encryption algorithms that bring confidentiality and integrity based on two algorithms. The encryption algorithms include a well-known RSA algorithm (1024 key length) with an enhanced bit insertion algorithm to enhance the security of RSA against different attacks. The security classical RSA has depreciated irrespective of the size of the key length due to the development in computing technology and hacking system. Due to these lapses, we have tried to improve on the contribution of the paper by enhancing the security of RSA against different attacks and also increasing diffusion degree without increasing the key length. The security analysis of the study was compared with classical RSA of 1024 key length using mathematical evaluation proofs, the experimental results generated were compared with classical RSA of 1024 key length using avalanche effect in (%) and computational complexity as performance evaluation metrics. The results show that RBMRSA is better than classical RSA in terms of security but at the cost of execution time.

computer science, information systems, artificial intelligence

Hung-Min Sun,Cheng-Ta Yang

DOI: https://doi.org/10.1007/978-3-540-30580-4_14

2005-01-01

Abstract:In typical RSA, it is impossible to create a key pair (e,d) such that both are simultaneously much shorter than φ (N). This is because if d is selected first, then e will be of the same order of magnitude as φ (N), and vice versa. At Asiacrypt'99, Sun et al. designed three variants of RSA using prime factors p and q of unbalanced size. The first RSA variant is an attempt to make the private exponent d short below N0.25 and N0.292 which are the lower bounds of d for a secure RSA as argued first by Wiener and then by Boneh and Durfee. The second RSA variant is constructed in such a way that both d and e have the same bit-length $\frac{1}{2}\log _{2}N+56$. The third RSA variant is constructed by such a method that allows a trade-off between the lengths of d and e. Unfortunately, at Asiacrypt'2000, Durfee and Nguyen broke the illustrated instances of the first RSA variant and the third RSA variant by solving small roots to trivariate modular polynomial equations. Moreover, they showed that the instances generated by these three RSA variants with unbalanced p and q in fact become more insecure than those instances, having the same sizes of exponents as the former, in RSA with balanced p and q. In this paper, we focus on designing a new RSA variant with balanced d and e, and balanced p and q in order to make such an RSA variant more secure. Moreover, we also extend this variant to another RSA variant in which allows a trade-off between the lengths of d and e. Based on our RSA variants, an application to entity authentication for defending the stolen-secret attack is presented.

Anthony Overmars,Sitalakshmi Venkatraman

DOI: https://doi.org/10.3390/jcp4010003

2024-01-10

Journal of Cybersecurity and Privacy

Abstract:The RSA (Rivest–Shamir–Adleman) cryptosystem is an asymmetric public key cryptosystem popular for its use in encryptions and digital signatures. However, the Wiener’s attack on the RSA cryptosystem utilizes continued fractions, which has generated much interest in developing competitive factoring algorithms. A general-purpose integer factorization method first proposed by Lehmer and Powers formed the basis of the well-known Continued Fraction Factorization (CFRAC) method. Recent work on the one line factoring algorithm by Hart and its connection with Lehman’s factoring method have motivated this paper. The emphasis of this paper is to explore the representations of PQ as continued fractions and the suitability of lower ordered convergences as representations of ab. These simpler convergences are then prescribed to Hart’s one line factoring algorithm. As an illustration, we demonstrate the working of our approach with two numbers: one smaller number and another larger number occupying 95 bits. Using our method, the fourth convergence finds the factors as the solution for the smaller number, while the eleventh convergence finds the factors for the larger number. The security of the RSA public key cryptosystem relies on the computational difficulty of factoring large integers. Among the challenges in breaking RSA semi-primes, RSA250, which is an 829-bit semi-prime, continues to hold a research record. In this paper, we apply our method to factorize RSA250 and present the practical implementation of our algorithm. Our approach’s theoretical and experimental findings demonstrate the reduction of the search space and a faster solution to the semi-prime factorization problem, resulting in key contributions and practical implications. We identify further research to extend our approach by exploring limitations and additional considerations such as the difference of squares method, paving the way for further research in this direction.

computer science, information systems, interdisciplinary applications, software engineering

Yi-feng MO,Shu-guo LI

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2017.11.003

2017-01-01

Abstract:In this paper,we implement RSA cryptographic using Residue number system (RNS).We choose four modulo similar in the form for every computational unit.The reduction unit supports these four modulo is smaller and shorter than the required reduction unit corresponding to the conventional method selection.According to our proposed method,we select seven groups of modulo with a width of 74,and design a RNS Montgomery multiplier based on Cox-Rower architecture to implement RSA cryptography.In the SMIC 0.13μm standard cell library,clock frequency reaches up to 278 MHz.At this frequency,1 024,2 048-bit RSA decryption in Chinese Remainder Theorem (CRT) mode and 1 024-bit RSA decryption require 710μs,99 μs,350μs,respectively,faster than the published related designs.

Santosh Kumar RPrakash KlncKrishna SrmDr. R. Santosh Kumar is an Associate Professor in the Department of Computer Science and Engineering at the Vasavi College of Engineering. His research interests are Cryptology,Machine Learning,and data science. He published nearly 15 articles in various International Journals. He is a member of IEI,CRSI,and IAENG. He has guided more than 20 undergraduate projects.Dr. KLNC Prakash received his Ph.D. from JNTU Hyderabad in 2020. His areas of interest are data mining,Machine learning and Neural Networks. He has published more than 15 international journals in the area of data mining and machine learning. He has guided more than 20 undergraduate projects.Dr. Sureddi R.M. Krishna received his Ph.D. from JNTU Hyderabad in 2017. His areas of interest include Network Security and Routing in Manet system. He has published in 20 international and 5 national level conferences. He has guided more than 14 undergraduate 10 post-graduate projects. He is an IEEE professional member,and a CSI and IFERP member. He is a Cisco Networking Instructor for various courses like CCNA,Python,Cyber Ops,etc.

DOI: https://doi.org/10.1080/01611194.2023.2271463

2024-01-06

Cryptologia

Abstract:Multi-prime RSA (MPRSA) is an extended version of RSA in which the modulus is the product of three or more distinct prime numbers. As with the RSA, this variant is also scrutinized for vulnerabilities. The main goal of the attacks on MPRSA is to test the strength of MPRSA compared to that of RSA to determine whether MPRSA can be used in place of RSA. We apply two famous attacks on RSA to MPRSA by constructing lattices using the Jochemsz and May approach. In comparison to RSA, MPRSA is less vulnerable to both attacks.

mathematics, applied,computer science, theory & methods,history & philosophy of science

K. R. Raghunandan,Rovita Robert Dsouza,N. Rakshith,Surendra Shetty,Ganesh Aithal

DOI: https://doi.org/10.1007/978-981-15-3514-7_60

2020-08-14

Abstract:Public key cryptography generates two distinct keys: one for encryption and another separate but related key for decryption. There exists only one private key for every public key to decipher the message. A variant of RSA, called the Dual RSA, has two different key pairs having separate private and public key exponents. Security of the RSA is compromised using mathematical attacks, by the factorization of ‘n’. This paper proposed an enhanced approach to Dual RSA with the help of Pell’s equation and a fake modulus key. The algorithm eliminates the distribution of ‘n’, whose factors compromise the RSA algorithm. Also, the solutions to Pell’s equation are shared instead of the public key components. A comparative analysis is carried out with respect to RSA, Dual RSA and the proposed algorithm based on the complexity of each step of the algorithm. It is observed that the proposed system provides more security to the public key exponents and the system modulus ‘n’, than RSA and Dual RSA.

Hung-Min Sun,Mu-En Wu,M. Jason Hinek,Cheng-Ta Yang,Vincent S. Tseng

DOI: https://doi.org/10.1016/j.jss.2009.04.001

2009-01-01

Abstract:In 1982, Quisquater and Couvreur proposed an RSA variant, called RSA-CRT, based on the Chinese Remainder Theorem to speed up RSA decryption. In 1990, Wiener suggested another RSA variant, called Rebalanced-RSA, which further speeds up RSA decryption by shifting decryption costs to encryption costs. However, this approach essentially maximizes the encryption time since the public exponent e is generally about the same order of magnitude as the RSA modulus. In this paper, we introduce two variants of Rebalanced-RSA in which the public exponent e is much smaller than the modulus, thus reducing the encryption costs, while still maintaining low decryption costs. For a 1024-bit RSA modulus, our first variant (Scheme A) offers encryption times that are at least 2.6 times faster than that in the original Rebalanced-RSA, while the second variant (Scheme B) offers encryption times at least 3 times faster. In both variants, the decrease in encryption costs is obtained at the expense of slightly increased decryption costs and increased key generation costs. Thus, the variants proposed here are best suited for applications which require low costs in encryption and decryption.

Hung-Min Sun,Mu-En Wu

2005-01-01

Abstract:Based on the Chinese Remainder Theorem (CRT), Quisquater and Couvreur proposed an RSA variant, RSA-CRT, to speedup RSA decryption. According to RSA-CRT, Wiener sug- gested another RSA variant, Rebalanced RSA-CRT, to further speedup RSA-CRT decryption by shifting decryption cost to encryption cost. However, such an approach will make RSA en- cryption very time-consuming because the public exponent e in Rebalanced RSA-CRT will be of the same order of magnitude as φ(N). In this paper we study the following problem: does there exist any secure variant of Rebalanced RSA-CRT, whose public exponent e is much shorter than φ(N)? We solve this problem by designing a variant of Rebalanced RSA-CRT with dp and dq of 198 bits. This variant has the public exponent e =2 511 +1such that its encryption is about 3 times faster than that of the original Rebalanced RSA-CRT.

Hung-Min Sun,M. Jason Hinek,Mu-En Wu

2005-01-01

Abstract:In 1982, Quisquater & Couvreur proposed a variant of RSA based on the Chinese Remainder Theorem, called RSA-CRT, to speed up RSA decryption. In 1990, Wiener suggested another variant, called Rebalanced RSA-CRT, which further speeds up RSA decryption by shifting decryption costs to encryption costs. However, this approach essentially maximizes the encryption time since the public exponent e in Rebalanced RSA-CRT is generally about the same order of magnitude as the RSA modulus. In this work1, we introduce two variants of Rebalanced RSA-CRT in which the public exponent e is much smaller than the modulus, thus reducing the encryption costs, while maintaining low decryption costs. For a 1024-bit modulus, our first variant (Scheme A) offers encryption times that are at least 2.6 times faster than that in the original Rebalanced RSA-CRT, while the second variant (Scheme B) offers encryption times at least 3 times faster. In both variants, the decrease in encryption costs is obtained at the expense of slightly increased decryption costs and increased key generation costs. Thus, the variants proposed here are best suited for applications which require low encryption/decryption costs but do not require key generation on the fly.

Mahadee Al Mobin,Md Kamrujjaman

2024-06-25

Abstract:Prime factorization has been a buzzing topic in the field of number theory since time unknown. However, in recent years, alternative avenues to tackle this problem are being explored by researchers because of its direct application in the arena of cryptography. One of such applications is the cryptanalysis of RSA numbers, which requires prime factorization of large semiprimes. Based on numerical experiments, this paper proposes a conjecture on the distribution of digits on prime of infinite length. This paper infuses the theoretical understanding of primes to optimize the search space of prime factors by shrinking it upto 98.15%, which, in terms of application, has shown 26.50% increase in the success rate and 41.91% decrease of the maximum number of generations required by the genetic algorithm used traditionally in the literature. This paper also introduces a variation of the genetic algorithm named Sieve Method that is fine-tuned for factorization of big semi-primes, which was able to factor numbers up to 23 decimal digits with 84% success rate. Our findings shows that sieve methods on average has achieved 321.89% increase in success rate and 64.06% decrement in the maximum number of generations required for the algorithm to converge compared to the existing literatures.

General Mathematics

Yi Wu,Xingjun Wu

DOI: https://doi.org/10.1109/ISCE.2017.8355552

2017-01-01

Abstract:As one of the international public-key cryptographic standards, RSA is widely used in Smart IC card which is in the context of such a large number of users. The RSA key-generation inside the card IC is the most time-consumption procedure during the mass production of the cards. To reduce the time complexity, an optimized RSA key generation algorithm is proposed in this paper. The optimized algorithm was implemented to generate RSA key pairs based on the smart card chip called THD88. Experiments show the time to generate a 1024-bits RSA key-pair is 4.76 seconds on average under the system clock frequency of 20MHz, and is much less than other similar products. Testing results show that the time-consumption distribution fits 3 sigma distribution, and meets the requirements of the engineering application as well.

M. Anwar,Mustafa Ismail,H.M. Bahig

2024-03-10

Abstract:In this paper, we present attacks on three types of RSA modulus when the least significant bits of the prime factors of RSA modulus satisfy some conditions. Let $p,$ and $q$ be primes of the form $p=a^{m_1}+r_p$ and $q=b^{m_2}+r_q$ respectively, where $a,b,m_{1},m_{2} \in \mathbb{Z^+}$ $r_p,$ and $ r_q$ are known. The first attack is when the RSA modulus is $N=pq$ where $m_1$ or $m_2$ is an even number. If $\left(r_{p}r_{q}\right)^\frac{1}{2}$ is sufficiently small, then $N$ can be factored in polynomial time. The second attack is when $N=p^{s}q,$ where $q>p$ and $s$ divides $m_2.$ If $r_pr_q$ is sufficiently small, then $N$ can be factored in polynomial time. The third attack is when $N=p^{s+l}q^{s},$ where $p>q,$ $s,l \in \mathbb{Z^+},$ $l < \frac{s}{2}$ and $s$ divides $m_1l.$ If $a^{m_1}>qa^{\frac{m_1l}{s}},$ and $lr^3_p$ is sufficiently small, then $N$ can be factored in polynomial time.

Number Theory

Q Liu,Fz Ma,D Tong,X Cheng

DOI: https://doi.org/10.1109/mwscas.2004.1354396

2004-01-01

Abstract:High performance VLSI implementation of the RSA algorithm using the systolic array is presented. High-speed applications of RSA systems require parallel implementations of modular multipliers. Besides using the systolic architecture which is popular in hardware-based RSA systems, a block-based scheme is used to further eliminate global signals, with a pipelined bus to convey data globally. The control signals and intermediate results used for sequential multiplications are transmitted by shift registers. All signals, except for the clock signal, are limited in one block or between two adjacent blocks. A Carry-Save-Adder structure is used for calculating the iterative step of the algorithms which contributes to speed improvement and area saving. In addition, long modular multipliers suffer from the effect of large fanout. Novel architectures are proposed to eliminate the fanout bottleneck, which reduce the achievable minimum clock period of long modular multipliers. Compared to the original modular multiplier architecture with fanout bottleneck, the proposed architectures can achieve an increase of over 7% in throughput without increase in area. The Chinese Remainder Theorem (CRT) technique increases the decryption data rate by a factor of four. Two redundant blocks are added to adapt to the on-line partition of the multiplier and the variation of the length of P and Q in CRT mode.

Elijah Pelofske

2024-05-31

Abstract:RSA is an incredibly successful and useful asymmetric encryption algorithm. One of the types of implementation flaws in RSA is low entropy of the key generation, specifically the prime number creation stage. This can occur due to flawed usage of random prime number generator libraries, or on computers where there is a lack of a source of external entropy. These implementation flaws result in some RSA keys sharing prime factors, which means that the full factorization of the public modulus can be recovered incredibly efficiently by performing a computation GCD between the two public key moduli that share the prime factor. However, since one does not know which of the composite moduli share a prime factor a-priori, to determine if any such shared prime factors exist, an all-to-all GCD attack (also known as a batch GCD attack, or a bulk GCD attack) can be performed on the available public keys so as to recover any shared prime factors. This study describes a novel all-to-all batch GCD algorithm, which will be referred to as the binary tree batch GCD algorithm, that is more efficient than the current best batch GCD algorithm (the remainder tree batch GCD algorithm). A comparison against the best existing batch GCD method (which is a product tree followed by a remainder tree computation) is given using a dataset of random RSA moduli that are constructed such that some of the moduli share prime factors. This proposed binary tree batch GCD algorithm has better runtime than the existing remainder tree batch GCD algorithm, although asymptotically it has nearly identical scaling and its complexity is dependent on how many shared prime factors exist in the set of RSA keys. In practice, the implementation of the proposed binary tree batch GCD algorithm has a roughly 6x speedup compared to the standard remainder tree batch GCD approach.

Cryptography and Security

Hung-Min Sun,Mu-En Wu

2005-01-01

Abstract:Based on the Chinese Remainder Theorem (CRT), Quisquater and Couvreur proposed an RSA variant, RSA-CRT, to speed up RSA decryption. Then, Wiener suggested another RSA variant, Rebalanced RSA-CRT, to further accelerate RSA-CRT decryption by shifting decryp- tion cost to encryption cost. However, such an approach makes RSA encryption very time- consuming because the public exponent e in Rebalanced RSA-CRT is of the same order of magnitude as φ(N). In this paper we study the following problem: does there exist any secure variant of Rebalanced RSA-CRT, whose public exponent e is much shorter than φ(N) ?W e solve this problem by designing two variants of Rebalanced RSA-CRT, Scheme A and Scheme B. In Scheme A, we focus on designing a variant in which dp and dq are of 160 bits, and e =2 567 +1. Thus the encryption time is reduced to about 1 2.7 of the time required by the original Rebalanced RSA-CRT. Scheme B is a variant in which dp and dq are of 198 bits, and e =2 511 +1 .T hus its encryption is about 3 times faster than that of Rebalanced RSA-CRT, but the decryption is a little slower than that of Rebalanced RSA-CRT.