A new attack to RSA with small private exponent and partial information

Abstract

We give a new algorithm to attack RSA with a small private exponent when partial information about $p+q$ is given. The algorithm is a very simple modification of Wiener's original continued-fraction attack, and it factors $n$ whenever $d < n^{(1+\delta)/4}$, provided we know a $\delta$-fraction of the most significant bits of $p+q$. The algorithm is unconditional, which is not the case for previous improvements that use Coppersmith's method. As an example, our algorithm can be applied to break any cryptosystem with a 512-bit modulus and $d < n^{0.3}$, an improvement over Wiener's original attack.
