TY - JOUR
T1 - Attacks on Shamir's 'RSA for paranoids'
AU - Gilbert, Henri
AU - Gupta, Dipankar
AU - Odlyzko, Andrew
AU - Quisquater, Jean Jacques
PY - 1998/11/30
Y1 - 1998/11/30
N2 - In order to allow for efficient use of extremely large moduli, Adi Shamir has proposed a variant of RSA in which one of the two prime factors is much smaller than the other. This note points out that unless special precautions are taken, simple implementations of Shamir's idea are subject to protocol attacks that recover the secret keys.
AB - In order to allow for efficient use of extremely large moduli, Adi Shamir has proposed a variant of RSA in which one of the two prime factors is much smaller than the other. This note points out that unless special precautions are taken, simple implementations of Shamir's idea are subject to protocol attacks that recover the secret keys.
KW - Cryptography
KW - Safety/security in digital systems
UR - http://www.scopus.com/inward/record.url?scp=0032206093&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=0032206093&partnerID=8YFLogxK
U2 - 10.1016/s0020-0190(98)00160-4
DO - 10.1016/s0020-0190(98)00160-4
M3 - Article
AN - SCOPUS:0032206093
SN - 0020-0190
VL - 68
SP - 197
EP - 199
JO - Information Processing Letters
JF - Information Processing Letters
IS - 4
ER -