Ciphertext-Only Attack on RSA Using Lattice Basis Reduction

Ciphertext-Only Attack on RSA Using Lattice

Basis Reduction

Anas Ibrahim1,2, Alexander Chefranov1, and Rushdi Hamamreh3
1
Computer Engineering Department, Eastern Mediterranean University, North Cyprus
2Computer Engineering Department, Palestine Technical University, Palestine
3Computer Engineering Department, Al-Quds University, Palestine

Abstract: We use lattice basis reduction for ciphertext-only attack on RSA. Our attack is applicable in the conditions when known attacks are not applicable, and, contrary to known attacks, it does not require prior knowledge of a part of a message or key, small encryption key, , or message broadcasting. Our attack is successful when a vector, comprised of a message and its exponent, is likely to be the shortest in the lattice, and meets Minkowski's Second Theorem bound. We have conducted experiments for message, keys, and encryption/decryption keys with sizes from 40 to 8193 bits, with dozens of thousands of successful RSA cracks. It took about 45 seconds for cracking 2001 messages of 2050 bits and for large public key values related with Euler’s totient function, and the same order private keys. Based on our findings, for RSA not to be susceptible to the proposed attack, it is recommended avoiding RSA public key form used in our experiments.

Keywords: Ciphertext-only attack, encryption key, euler’s totient function, Gaussian lattice basis reduction, RSA, shortest vector problem.

Received May 13, 2020; accepted September 28, 2020
https://doi.org/10.34028/iajit/18/2/13

 Full text  

Read 1154 times Last modified on Wednesday, 24 February 2021 03:06
Share
Top
We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details…