Gilbert, H
Quisquater, Jean-Jacques
[UCL]
Gupta, D
Odlyzko, A
In order to allow for efficient use of extremely large moduli, Adi Shamir has proposed a variant of RSA in which one of the two prime factors is much smaller than the other. This node points out that unless special precautions are taken, simple implementations of Shamir's idea are subject to protocol attacks that recover the secret keys. (C) 1998 Published by Elsevier Science B.V. All rights reserved.
Bibliographic reference |
Gilbert, H ; Quisquater, Jean-Jacques ; Gupta, D ; Odlyzko, A. Attacks on Shamir's 'RSA for paranoids'. In: Information Processing Letters, Vol. 68, no. 4, p. 197-199 (1998) |
Permanent URL |
http://hdl.handle.net/2078.1/44935 |