Bugtraq: Re: Breaking RSA: Totient indirect factorization

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Breaking RSA: Totient indirect factorization

From: Alexander Klimov <alserkli () inbox ru>
Date: Thu, 15 Nov 2007 10:29:19 +0200 (IST)

On Wed, 14 Nov 2007, gandlf wrote:

1) m = p*q            -> RSA modulus

[...]

Algorithm
---------

- Repeat "a = a^n mod m" with n from 2 to m, saving all the results
  in a table until a == 1 (Statement 4).


:-)

So what is the expected running time of your algorithm? For example,
how long it will take on average to factor a 1024-bit modulus?

Impact
------

PKI vendors must change modulus generator algorithms to discard
totients with lower factors.


You may be interested in ``Are 'Strong' Primes Needed for RSA?'' by
Ron Rivest and Robert Silverman.

-- 
Regards,
ASK

By Date By Thread

Current thread:

Breaking RSA: Totient indirect factorization gandlf (Nov 14)
- Re: Breaking RSA: Totient indirect factorization Alexander Klimov (Nov 15)
- Re: Breaking RSA: Totient indirect factorization Clifton Royston (Nov 15)
  - Re: Breaking RSA: Totient indirect factorization gandlf (Nov 15)
    - Re: Breaking RSA: Totient indirect factorization Erick Galinkin (Nov 16)
- Re: Breaking RSA: Totient indirect factorization Watson Ladd (Nov 16)