
Groups Complexity Cryptology


Factoring multi-power RSA moduli with primes sharing least or most significant bits

Omar Akchiche / Omar Khadir
  • Corresponding author
  • Laboratory of Mathematics, Cryptography and Mechanics, Fstm, University Hassan II of Casablanca, Morocco
Published Online: 2016-04-09 | DOI: https://doi.org/10.1515/gcc-2016-0002


We study the factorization of balanced multi-power RSA moduli N = p^r q when the unknown primes p and q share t least or most significant bits. We show that if t ≥ (1/(1+r)) log p, then it is possible to compute the prime decomposition of N in polynomial time in log N. This result can be used to mount attacks against several cryptographic protocols that are based on the moduli N.

Keywords: Integer factorization problem; multi-power RSA; Coppersmith's theorem; public key cryptography

MSC: 11Y05; 94A60
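For key generation, the bound in the abstract turns into a rejection test on candidate primes. The following is an added example, not code from the paper: it counts the most and least significant bits that p and q share and compares the larger count with log p / (1+r). It assumes the logarithm is base 2, and the function names and 16-bit sample values are constructed for illustration.

```python
import math

def shared_msb(p: int, q: int) -> int:
    """Leading bits p and q have in common (0 if their sizes differ)."""
    if p.bit_length() != q.bit_length():
        return 0  # unbalanced primes: the top bit positions do not line up
    return p.bit_length() - (p ^ q).bit_length()

def shared_lsb(p: int, q: int) -> int:
    """Trailing bits p and q have in common."""
    diff = p ^ q
    if diff == 0:
        return p.bit_length()  # identical values share every bit
    return (diff & -diff).bit_length() - 1  # index of lowest differing bit

def check_prime_pair(p: int, q: int, r: int) -> dict:
    """Apply the abstract's condition t >= log(p)/(1+r) to N = p^r * q.

    Assumption: log is base 2, so t and the bound are both in bits.
    """
    bound = math.log2(p) / (1 + r)
    msb, lsb = shared_msb(p, q), shared_lsb(p, q)
    return {"msb": msb, "lsb": lsb, "bound": bound,
            "reject": max(msb, lsb) >= bound}

if __name__ == "__main__":
    # Constructed 16-bit toy values; real primes are hundreds of bits long.
    samples = [
        (65521, 65519, 2),  # 0xFFF1 / 0xFFEF: 11 shared top bits
        (40961, 61441, 2),  # 0xA001 / 0xF001: 12 shared low bits
        (65521, 32771, 2),  # 0xFFF1 / 0x8003: 1 shared bit at each end
    ]
    for p, q, r in samples:
        print(hex(p), hex(q), r, check_prime_pair(p, q, r))
```

Because the bound shrinks as r grows, a pair that passes for r = 1 can fail for a larger exponent, so the check has to be run with the r actually used in the modulus.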



About the article

Received: 2015-03-25

Revised: 2015-12-01

Published Online: 2016-04-09

Published in Print: 2016-05-01

Citation Information: Groups Complexity Cryptology, Volume 8, Issue 1, Pages 47–54, ISSN (Online) 1869-6104, ISSN (Print) 1867-1144, DOI: https://doi.org/10.1515/gcc-2016-0002.


© 2016 by De Gruyter.
