Factoring RSA Modulus with Primes not Necessarily Sharing Least Significant Bits

Authors

Hatem M. Bahig, Computer Science Division, Department of Mathematics, Faculty of Science, Ain Shams University, Cairo, EgyptFollow
Dieaa I. Nassr, Computer Science Division, Department of Mathematics, Faculty of Science, Ain Shams University, Cairo, EgyptFollow
Ashraf Bhery, Computer Science Division, Department of Mathematics, Faculty of Science, Ain Shams University, Cairo, EgyptFollow

Author Country (or Countries)

Egypt

Abstract

The security of many public-key cryptosystems, such as RSA, is based on the difficulty of factoring a composite integer. Until now, there is no known polynomial time algorithm to factor any composite integer with classical computers. In this paper, we study factoring n when n= pq is a product of two primes p and q satisfying that p≡lk1 mod 2q1 and q≡lk2 mod 2q2 for some positive integers q1,q2, k1, k2 ≤ logn and l.We show that n can be factored in time polynomial in logn if l < 2q and either | p−lk1 2q1 || q−lk2 2q2 |< lk or 2q ′ ≥ n1/4, where q = min{q1,q2}, q ′ = max{q1,q2} and k = min{k1, k2}. We also show that the result of Steinfeld and Zheng [21] when the two primes p and q share least significant bits is a special case of our results. Our results point out the warring for cryptographic designers to be careful when generating primes for the RSA modulus

Digital Object Identifier (DOI)

http://dx.doi.org/10.18576/amis/110130

Recommended Citation

M. Bahig, Hatem; I. Nassr, Dieaa; and Bhery, Ashraf (2017) "Factoring RSA Modulus with Primes not Necessarily Sharing Least Significant Bits," Applied Mathematics & Information Sciences: Vol. 11: Iss. 1, Article 30.
DOI: http://dx.doi.org/10.18576/amis/110130
Available at: https://digitalcommons.aaru.edu.jo/amis/vol11/iss1/30