Designing Short-Exponent RSA and its Applications
| Autor: | Cheng-Ta Yang, 楊政達 |
|---|---|
| Rok vydání: | 2009 |
| Druh dokumentu: | 學位論文 ; thesis |
| Popis: | 97 RSA, the first proposed public key cryptosystem in the world, is the most widely used public key cryptosystem. This cryptosystem is not only built into several operating systems, like Microsoft, Apple, Sun, and Novell, but also used for securing web traffic, E-mail, smart cards or IC cards. Based on the believed difficulty of computing eth roots modulo N, where N = pq is the product of two large unknown primes, it is widely believed to be secure for large enough N. Since RSA can also be broken by factoring N, the security of RSA is often based on the integer factorization problem (IFP), which is and continues to be a well studied problem. In some applications, a short private exponent d is chosen to improve the decryption or signing process for RSA public key cryptosystem. However, in a typical RSA, if the private exponent d is selected first, the public exponent e should be of the same order of magnitude as ��(N). Sun et al. devised three RSA variants using unbalanced prime factors p and q to lower the computational cost. Unfortunately, Durfee & Nguyen broke the illustrated instances of the first and third variants by solving small roots to trivariate modular polynomial equations. They also indicated that the instances with unbalanced primes p and q are more insecure than the instances with balanced p and q. This investigation focuses on designing a new RSA variant with balanced p and q, and short exponents d and e, to improve the security of an RSA variant against the Durfee & Nguyen's attack, and the other existing attacks. Furthermore, the proposed variant (Scheme A) is also extended to another RSA variant (Scheme B) in which p and q are balanced, and a trade-off between the lengths of d and e is enable. In addition, we provide the security analysis and feasibility analysis of the proposed schemes. On the other hand, Using Scheme B's method, it is successful in designing variants of RSA in which the public and private exponents can be chosen obviously smaller than those in typical RSA. However, their RSA variants don't provide the use of public key of special form 2X+1, which can further reduce the encryption cost. In this article, we design a customized public key RSA variant which not only remains the same property as the previous RSA variants, but also provides that the public exponent can be the special form of 2X + 1. The widespread use of open networks and distributed systems brought many communication security risks including users and network components. The basic and .first step in an ensuring secure network is how two entities mutually authenticate each other. With entity authentication protocols in place, it is easy for one participant to establish secure communications with one another. A secret-key based authentication protocol allows two parties sharing a common secret key to authenticate each other. However, this mechanism is insecure against a new attack, named the stolen-secret attack, in which once the secret of an entity is divulged, the attacker may be able to impersonate his partner to fool this entity. In this paper, we are interesting in designing secure secret-key based protocols which can defend against the stolen-secret attack. Furthermore, we propose a property from the CRT-equations in Rebalanced-RSA. We point out that, in fact, two CRT-equations can be totally independent. This means, we can choose different public exponents when using Rebalance RSA. Furthermore, we propose a multisignature-like scheme based on Rebalanced-RSA. In our proposed scheme, the signers can sign the same message simultaneously and then combine all individual signatures into a multisignature. In addition, there exists an exponential operation in the multisignature verification procedure. |
| Databáze: | Networked Digital Library of Theses & Dissertations |
| Externí odkaz: |
|