Attacks on RSA: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Sandy Harris
imported>Sandy Harris
Line 16: Line 16:
== TWIRL ==
== TWIRL ==


'''The Weizman Instiute Relation Locator''' [http://www.rsa.com/rsalabs/node.asp?id=2004], developed by [[Adi Shamir]] (The 'S' in RSA) and [[Evan Tromer]], is a machine designed to speed up the seiving step in the [[number field seive]] technique for [[integer factorisation]].
'''The Weizman Instiute Relation Locator''' <ref>{{cite paper
| author=Adi Shamir & Eran Tromer
| title=On the cost of factoring RSA-1024
| journal=RSA CryptoBytes
| volume=6
| date=2003
| url=http://people.csail.mit.edu/tromer/
}}</ref>, developed by [[Adi Shamir]] (The 'S' in RSA) and [[Evan Tromer]], is a machine designed to speed up the seiving step in the [[number field seive]] technique for [[integer factorisation]].
 
RSA Security have commented [http://www.rsa.com/rsalabs/node.asp?id=2004].

Revision as of 23:50, 13 April 2009

A number of methods have been proposed for attacking the RSA cryptosystem. This article describes them.

Any efficient solution to the integer factorisation problem would break RSA; see the RSA article for discussion. The difficulty with that approach is that no efficient solution is known. Cracking a large (say 1024 bits or more) RSA key with current factoring algorithms is not practical, even with massive parallelism.

Weiner attack

Michael Weiner proposed an attack [1] based on continued fractions which is effective if the exponent in the secret key is small.

TWIRL

The Weizman Instiute Relation Locator [2], developed by Adi Shamir (The 'S' in RSA) and Evan Tromer, is a machine designed to speed up the seiving step in the number field seive technique for integer factorisation.

RSA Security have commented [1].

  1. {{cite paper | title=Cryptanalysis of short RSA secret exponents | author=Wiener, M.J. | journal= IEEE Transactions on Information Theory | volume= 36 | issue= 3 | date=May 1990 | page=553 - 558
  2. Adi Shamir & Eran Tromer (2003). On the cost of factoring RSA-1024.