Symmetry and Asymmetry in Cryptography

A special issue of Symmetry (ISSN 2073-8994). This special issue belongs to the section "Computer".

Deadline for manuscript submissions: closed (1 July 2023) | Viewed by 20114

Special Issue Editors

Faculty of Education and Integrated Arts and Sciences, Waseda University, Shinjuku, Tokyo 169-8050, Japan
Interests: theory of cryptography; randomness and computation; quantum computation; computational complexity

1. Vlatacom Institute of High Technology, Milutina Milankovica 5, 11070 Belgrade, Serbia
2. Technical Faculty, Singidunum University, Belgrade, Serbia
Interests: Artificial Intelligence; signal processing; cryptology; machine learning; cryptanalysis

School of Information Engineering, Xuchang University, Xuchang 461000, China
Interests: data privacy and security; machine learning; public key cryptography; network security

Department of Mathematical Foundations of Informatics, Institute of Mathematics and Informatics, Bulgarian Academy of Sciences, 1113 Sofia, Bulgaria
Interests: cryptographic Boolean functions; Reed-Muller codes; finite fields; information-theoretic aspects of cryptology; cryptanalysis

Special Issue Information

Dear Colleagues,

Symmetry and asymmetry represent the basic nature of cryptography. Therefore, the additional symmetric/asymmetric properties of cryptographic schemes should be discussed. Alternatively, the essential usage of techniques based on symmetry or asymmetry should be considered. We solicit contributions not only on computational cryptography, but also information-theoretic or quantum cryptography.

Prof. Dr. Takeshi Koshiba
Prof. Dr. Milan Milosavljević
Prof. Dr. Yuan Ping
Dr. Yuri Borissov
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Symmetry is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cryptosystems
  • cryptanalysis
  • cryptographic protocols
  • quantum cryptography
  • information theoretic cryptography
  • machine learning over encrypted data
  • data security with cryptography
  • cloud computing security

Published Papers (14 papers)

Research

21 pages, 592 KiB  
Article
Three-Party Password Authentication and Key Exchange Protocol Based on MLWE
by Songhui Guo, Yunfan Song, Song Guo, Yeming Yang and Shuaichao Song
Symmetry 2023, 15(9), 1750; https://doi.org/10.3390/sym15091750 - 13 Sep 2023
Viewed by 760
Abstract
With the rapid development of quantum theory, the discrete logarithm problem and significant integer factorization problem have polynomial solution algorithms under quantum computing, and their security is seriously threatened. Therefore, a three-party password-authenticated key agreement scheme based on module learning with errors problem was proposed, and its security was proved in the BPR model. Compared with other password-authenticated key agreement protocols, the proposed protocol has higher efficiency and a shorter key length, which can resist quantum attacks. Therefore, the protocol is efficient and secure and suitable for large-scale network communication.
(This article belongs to the Special Issue Symmetry and Asymmetry in Cryptography)

25 pages, 7399 KiB  
Article
Steganographic Method in Selected Areas of the Stego-Carrier in the Spatial Domain
by Predrag Milosav, Milan Milosavljević and Zoran Banjac
Symmetry 2023, 15(5), 1015; https://doi.org/10.3390/sym15051015 - 02 May 2023
Cited by 2 | Viewed by 1158
Abstract
The main goal of this paper is the proposal of a key-based steganographic system in which the ratio of capacity and image quality metrics that represents the stego object while reducing the detectability of hidden content was improved. The main contribution of the proposed steganographic system is a new algorithm for selecting stego areas. The area selection algorithm is based on clustering the pixels of the cover object into a predetermined number of clusters. The goal of this selection of areas (clusters) is to group as many homogeneous parts of the image as possible in order to cover these areas with as few rectangular shapes as possible. Since the data on the defined rectangles represent the key of the system, the capacity of the additional secret channel is minimized in this way. On the obtained stego-carriers, an embedding of test random content is performed in order to estimate its detectability. By combining the proposed area selection method with the Minimal Decimal Difference steganographic method, a system was created with an optimal trade-off between detectability of secret content, quality and capacity of the carrier, and the length of the stego-key. Finally, a comparison of the obtained results with relevant adaptive steganographic methods is presented. The proposed concept obtains its verification in one practical system for secure file transfer of controlled cryptographic strength.

15 pages, 10137 KiB  
Article
A Novel Phishing Website Detection Model Based on LightGBM and Domain Name Features
by Jingxian Zhou, Haibin Cui, Xina Li, Wenjin Yang and Xi Wu
Symmetry 2023, 15(1), 180; https://doi.org/10.3390/sym15010180 - 07 Jan 2023
Cited by 5 | Viewed by 1770
Abstract
Phishing attacks have evolved in terms of sophistication and have increased in sheer number in recent years. This has led to corresponding developments in the methods used to evade the detection of phishing attacks, which pose daunting challenges to the privacy and security of the users of smart systems. This study uses LightGBM and features of the domain name to propose a machine-learning-based method to identify phishing websites and maintain the security of smart systems. Domain name features, often known as symmetry, are the property wherein multiple domain-name-generation algorithms remain constant. The proposed model of detection is first used to extract features of the domain name of the given website, including character-level features and information on the domain name. The features are filtered to improve the model’s accuracy and are subsequently used for classification. The results of experimental comparisons showed that the proposed model of detection, which integrates two types of features for training, significantly outperforms the model that uses a single type of feature. The proposed method also has a higher detection accuracy than other methods and is suitable for the real-time detection of many phishing websites.

16 pages, 550 KiB  
Article
LILP: A Lightweight Enciphering Algorithm to Encrypt Arbitrary-Length Messages
by Xing Zhang, Jian Chen, Tianning Li, Gang Dai and Changda Wang
Symmetry 2023, 15(1), 177; https://doi.org/10.3390/sym15010177 - 07 Jan 2023
Viewed by 957
Abstract
The advancement of the Internet of Things (IoT) has promoted the development of embedded devices. It is important to ensure data transmission security on embedded devices with limited computing power and storage space. However, the traditional block encryption algorithm cannot run efficiently on embedded devices because of the large amount of computation. In this paper, a lightweight length-preserving-encryption algorithm (LILP) is proposed to convert an n-bit block cipher into a special block cipher that supports an arbitrary length of no less than 2n bits as input. LILP adopts the involution design method based on a Lai–Massey structure and lightweight components to adapt to the limited computing power of embedded devices. In particular, a lightweight compression function (LCF) is designed to process the data during iteration, which improves security without reducing the efficiency of the algorithm. The experimental results show that LILP is more efficient than traditional similar algorithms in encrypting data for resource-constrained devices while ensuring data security in the IoT.

25 pages, 1245 KiB  
Article
Implication of Lightweight and Robust Hash Function to Support Key Exchange in Health Sensor Networks
by Mishall Al-Zubaidie
Symmetry 2023, 15(1), 152; https://doi.org/10.3390/sym15010152 - 04 Jan 2023
Cited by 10 | Viewed by 1387
Abstract
Internet of Things (IoT) applications are critical for the fast delivery of health information/data in different environments. The wireless sensor network (WSN) can be used within IoT applications to collect this information in the electronic-health sector. However, the essential drawback of WSN and health applications is ensuring that patient and healthcare provider data/information is protected. In addition, exchanging keys and joining the network is the first/most important line of defense to protect health information. Amid all this, the previous search has introduced many key exchange protocols but still suffers from security and performance issues for WSNs and user devices. In this research, we propose a new protocol for exchanging keys and joining the network using security algorithms that are Elliptic-curve Diffie–Hellman (ECDH) and QUARK hash (qh). We focused on applying lightweight and high-security techniques to reduce the burden on WSN resources, by adopting a solid methodological approach to support security first and performance second. The security analysis is simulated with the Scyther tool, and the results indicate that our protocol is able to block key exchange attacks known in the existing research. Furthermore, we carried out a comparison with the results of the recent search in terms of performance, our protocol provides better performance results than the results of the existing search.

12 pages, 312 KiB  
Article
New Differentially 4-Uniform Piecewise Permutations over $\mathbb{F}_{2^{2k}}$ from the Inverse Function
by Shuai Li and Li Miao
Symmetry 2023, 15(1), 131; https://doi.org/10.3390/sym15010131 - 02 Jan 2023
Viewed by 1091
Abstract
Permutations with low differential uniformity, high nonlinearity and high algebraic degree over $\mathbb{F}_{2^{2k}}$ are preferred substitution boxes in modern block ciphers. In this paper, we study the bijectivity and the difference uniformity of piecewise function with the help of permutation group theory. Based on our results, we found many at least differentially 6-uniform and differentially 4-uniform permutations over $\mathbb{F}_{2^{2k}}$, which can be chosen as the substitution boxes.

33 pages, 4253 KiB  
Article
Application of DNA Coding, the Lorenz Differential Equations and a Variation of the Logistic Map in a Multi-Stage Cryptosystem
by Mohamed Gabr, Hana Younis, Marwa Ibrahim, Sara Alajmy, Ijaz Khalid, Eman Azab, Rimon Elias and Wassim Alexan
Symmetry 2022, 14(12), 2559; https://doi.org/10.3390/sym14122559 - 04 Dec 2022
Cited by 21 | Viewed by 2179
Abstract
The need for information security has become urgent due to the constantly changing nature of the Internet and wireless communications, as well as the daily generation of enormous volumes of multimedia. In this paper, a 3-stage image cryptosystem is developed and proposed. A tan variation of the logistic map is utilized to carry out deoxyribonucleic acid (DNA) encoding in the first stage. For the second encryption stage, the numerical solution of the Lorenz differential equations and a linear descent algorithm are jointly employed to build a robust S-box. The logistic map in its original form is utilized in the third stage. Diffusion is guaranteed through the first and third encryption stages, while confusion is guaranteed through the application of the S-box in the second encryption stage. Carrying out both confusion- and diffusion-inducing stages results in encrypted images that are completely asymmetric to their original (plain) counterparts. An extensive numerical analysis is carried out and discussed, showcasing the robustness and efficacy of the proposed algorithm in terms of resistance to visual, statistical, entropy, differential, known plaintext and brute-force attacks. Average values for the computed metrics are: Information entropy of 7.99, MSE of 9704, PSNR of 8.3 dB, MAE of 80.8, NPCR of 99.6 and UACI of 33. The proposed algorithm is shown to exhibit low computational complexity, encrypting images at an average rate of 1.015 Mbps. Moreover, it possesses a large key space of $2^{372}$, and is demonstrated to successfully pass all the tests of the NIST SP 800 suite. In order to demonstrate the superior performance of the proposed algorithm, a comparison with competing image encryption schemes from the literature is also provided.

12 pages, 1136 KiB  
Article
Efficient Sequential and Parallel Prime Sieve Algorithms
by Hazem M. Bahig, Mohamed A. G. Hazber, Khaled Al-Utaibi, Dieaa I. Nassr and Hatem M. Bahig
Symmetry 2022, 14(12), 2527; https://doi.org/10.3390/sym14122527 - 30 Nov 2022
Cited by 2 | Viewed by 1957
Abstract
Generating prime numbers less than or equal to an integer number m plays an important role in many asymmetric key cryptosystems. Recently, a new sequential prime sieve algorithm was proposed based on set theory. The main drawback of this algorithm is that the running time and storage are high when the size of m is large. This paper introduces three new algorithms for a prime sieve based on two approaches. The first approach develops a fast sequential prime sieve algorithm based on set theory and some structural improvements to the recent prime sieve algorithm. The second approach introduces two new parallel algorithms in the shared memory parallel model based on static and dynamic strategies. The analysis of the experimental studies shows the following results. (1) The proposed sequential algorithm outperforms the recent prime sieve algorithm in terms of running time by 98% and memory consumption by 80%, on average. (2) The two proposed parallel algorithms outperform the proposed sequential algorithm by 72% and 67%, respectively, on average. (3) The maximum speedups achieved by the dynamic and static parallel algorithms using 16 threads are 7 and 4.5, respectively. As a result, the proposed algorithms are more effective than the recent algorithm in terms of running time, storage and scalability in generating primes.

11 pages, 278 KiB  
Article
Cryptosystems Based on Tropical Congruent Transformation of Symmetric Matrices
by Huawei Huang
Symmetry 2022, 14(11), 2378; https://doi.org/10.3390/sym14112378 - 10 Nov 2022
Cited by 1 | Viewed by 922
Abstract
Recently, public-key cryptography based on tropical semi-rings have been proposed. However, the majority of them are damaged. The main reason is that they use a public matrix to construct commutative matrix semi-rings. New public-key cryptosystems are proposed in this paper. They are based on tropical congruent transformation of symmetric matrix by circular matrix. The NP-hard problem of solving a tropical system of nonlinear equations underlies the cryptosystem’s security. Since a known matrix cannot express the used commutative subsemi-rings of circular matrices and there is no tropical matrix addition operation and power of matrix, the cryptosystems can withstand known attacks, including the KU attack, RM attack, and IK attack. The length of the public key and private key of the new cryptosystems is half that of those described in the literature.

14 pages, 796 KiB
Article
Optimized Implementation of Simpira on Microcontrollers for Secure Massive Learning
by Minjoo Sim, Siwoo Eum, Hyeokdong Kwon, Kyungbae Jang, Hyunjun Kim, Hyunji Kim, Gyeongju Song, Waikong Lee and Hwajeong Seo
Symmetry 2022, 14(11), 2377; https://doi.org/10.3390/sym14112377 - 10 Nov 2022
Viewed by 999
Abstract
Internet of Things (IoT) technology, in which numerous devices cooperate, has a significant impact on existing industries, such as smart factories, smart cars, and smart cities. Massive learning and computing using data collected through the IoT are also being actively performed in these industries. Therefore, the security of low-end microcontrollers used in the Internet of Things should be highly considered due to their importance. Simpira Permutation is a Permutation design using the AES algorithm designed to run efficiently on 64-bit high-end processors. With the efficient implementation of Simpira algorithm, we can ensure secure massive learning in IoT devices without performance bottleneck. In nature, Simpira exploited the part of AES algorithm. The AES algorithm is the most widely used in the world, and Intel has developed hardware accelerated AES instruction set (AES-NI) to improve the performance of encryption. By using AES-NI modules, Simpira can be improved further on high-end devices. On the other hand, low-end processors do not support AES-NI modules. For this reason, an optimized implementation of efficient Simpira should be considered. In this paper, we present an optimized implementation of Simpira on 8-bit AVR microcontrollers and 32-bit RISC-V processors, which are low-end processors that do not support AES-NI features. There are three new techniques applied. First, Addroundkey is computed efficiently through pre-computation. Second, it takes advantage of the characteristics of round keys to omit some of the operations. Third, we omit unnecessary operations added to use AES-NI features. We have carried out performance evaluations on 8-bit ATmega128 microcontrollers and 32-bit RISC-V processors, which show up to 5.76× and 37.01× better performance enhancements than the state-of-the-art reference C codes for the Simpira, respectively.

18 pages, 3225 KiB  
Article
Instruction-Fetching Attack and Practice in Collision Fault Attack on AES
by Huilong Jiang, Xiang Zhu and Jianwei Han
Symmetry 2022, 14(10), 2201; https://doi.org/10.3390/sym14102201 - 19 Oct 2022
Cited by 1 | Viewed by 1257
Abstract
A Fault Attack (FA) is performed mainly under the data corruption model and poses a threat to security chips. Instruction corruption can enact the same purpose at the behavioral level, which is produced by interfering with the instruction system. Laser Fault Injection (LFI) on program memory during the instruction-fetching process, which we refer to as an instruction-fetching attack, is studied in this paper. This process bears the ability to produce a controllable instruction-fetching fault. Our work shows the implementation of the attack and its specific application case on an 8-bit microcontroller. The main contributions of this paper include: (1) We have mapped the sensitive areas precisely to the faulted instructions via laser injection and implemented controllable instruction tampering. (2) A Collision Fault Attack (CFA) scheme based on instruction-fetching fault is proposed. (3) The impacts of the faulted instructions are fully explored, including the influence on subsequent operations and key recovery. (4) The fault mechanism of the on-chip Flash is further investigated. Instruction-fetching fault means that the controller fetches a tampered instruction from the program memory under external interference, which likely gives rise to an invalid or incorrect operation. The experiment confirms that this specific fault can induce particular types of faults that are different to realize, e.g., the byte-fault model in CFA. The realization, application and mechanism of instruction-fetching fault are discussed in detail.

26 pages, 5450 KiB  
Article
Privacy Amplification Strategies in Sequential Secret Key Distillation Protocols Based on Machine Learning
by Jelica Radomirović, Milan Milosavljević, Branko Kovačević and Miloš Jovanović
Symmetry 2022, 14(10), 2028; https://doi.org/10.3390/sym14102028 - 27 Sep 2022
Cited by 1 | Viewed by 1233
Abstract
It is well known that Renyi’s entropy of order 2 determines the maximum possible length of the distilled secret keys in sequential secret key distillation protocols so that no information is leaked to the eavesdropper. There have been no attempts to estimate this key quantity based on information available to the legitimate parties to this protocol in the literature. We propose a new machine learning system, which estimates the lower bound of conditional Renyi entropy with high accuracy, based on 13 characteristics locally measured on the side of legitimate participants. The system is based on a prediction intervals deep neural network, trained for a given source of common randomness. We experimentally evaluated this result for two different sources, namely 14 and 6-dimensional EEG signals, of 50 participants, with varying advantage distillation and information reconciliation strategies with and without additional lossless compression block. Across all proposed systems and analyzed sources on average, the best machine learning strategy, called the hybrid strategy, increases the quantity of generated keys 2.77 times compared to the classical strategy. By introducing the Huffman lossless coder before the PA block, the loss of potential source randomness was reduced from 68.48% to a negligible 0.75%, while the leakage rate per one bit remains in the order of magnitude $10^{-4}$.

18 pages, 385 KiB  
Article
On (Unknowingly) Using Near-Square RSA Primes
by Wan Nur Aqlili Ruzai, Amir Hamzah Abd Ghafar, Nur Raidah Salim and Muhammad Rezal Kamel Ariffin
Symmetry 2022, 14(9), 1898; https://doi.org/10.3390/sym14091898 - 11 Sep 2022
Cited by 1 | Viewed by 1681
Abstract
The invention in 1978 of the first practical asymmetric cryptosystem known as RSA was a breakthrough within the long history of secret communications. Since its inception, the RSA cryptosystem has become embedded in millions of digital applications with the objectives of ensuring confidentiality, integrity, authenticity, and disallowing repudiation. However, the generation of the RSA modulus, N=pq which requires p and q to be random primes, may accidentally entail the choice of a special type of prime called a near-square prime. This structure of N may be used unknowingly en masse in real-world applications since no current cryptographic implementation prevents its generation. In this study, we show that use of this type of prime will potentially lead to total destruction of RSA. We present three cases of near-square primes used as RSA primes, set in the form of (i) N=pq=(amra)(bmrb); (ii) N=pq=(am+ra)(bmrb); and (iii) N=pq=(amra)(bm+rb). Although (ii) and (iii) are quite similar, p and q must be within the same size range of n-bits, which results in different conditions for both cases. We formulate attacks using three different algorithms to better understand their feasibility. We also provide an efficient countermeasure that is recommended to be adopted by current cryptographic libraries with RSA implementation.

13 pages, 463 KiB  
Article
Small Private Exponent Attacks on RSA Using Continued Fractions and Multicore Systems
by Hatem M. Bahig, Dieaa I. Nassr, Mohammed A. Mahdi and Hazem M. Bahig
Symmetry 2022, 14(9), 1897; https://doi.org/10.3390/sym14091897 - 10 Sep 2022
Cited by 5 | Viewed by 1621
Abstract
The RSA (Rivest–Shamir–Adleman) asymmetric-key cryptosystem is widely used for encryptions and digital signatures. Let (n,e) be the RSA public key and d be the corresponding private key (or private exponent). One of the attacks on RSA is to find the private key d using continued fractions when d is small. In this paper, we present a new technique to improve a small private exponent attack on RSA using continued fractions and multicore systems. The idea of the proposed technique is to find an interval that contains ϕ(n), and then propose a method to generate different points in the interval that can be used by continued fraction and multicore systems to recover the private key, where ϕ is Euler’s totient function. The practical results of three small private exponent attacks on RSA show that we extended the previous bound of the private key that is discovered by continued fractions. When n is 1024 bits, we used 20 cores to extend the bound of d by 0.016 for de Weger, Maitra-Sarkar, and Nassr et al. attacks in average times 7.67 h, 2.7 h, and 44 min, respectively.