Extending LSB-based partial key exposure to RSA with special-structured primes

The Rivest–Shamir–Adleman (RSA) cryptosystem remains one of the most widely used public-key mechanisms, with its security depending on the computational difficulty of factoring a large composite modulus N generated from two primes. Previous studies have shown that RSA becomes vulnerable when its prime factors follow special algebraic structures or when partial information about their least significant bits (LSBs) is exposed. Earlier work demonstrated that primes close to perfect powers allow efficient reconstruction of the modulus when several LSBs of both primes are known. In this paper, we extended this line of research by examining three additional near-square prime structures in which the primes are slightly different, either positively or negatively shifted from their base-power forms. For each structure, we obtained analytical bounds that relate the difference to the square-root proximity of the modulus, and we presented polynomial-time algorithms that recover the prime factors when only a small number of their LSBs are leaked. Numerical experiments confirmed the practicality of the proposed methods. Our results broaden the class of RSA moduli susceptible to LSB-based partial key-exposure attacks and highlight the importance of strengthened key-generation strategies to avoid such structured primes.

Text 123843.pdf - Published Version Available under License Creative Commons Attribution. Download (317kB) Official URL or Download Paper: http://www.aimspress.com/article/doi/10.3934/math....

Actions (login required)

View Item