Lecturer: Ellen Jochemsz
| In literature, many variants on the RSA cryptosystem have been proposed to achieve a faster decryption or encryption phase. Although imposing special properties on the RSA-variables may improve the efficiency, it also gives rise to attacks that use these special properties. In the talk, we first sketch a general strategy of finding small roots of polynomials. In the cryptanalysis of two RSA variants, such a polynomial with a small root appears, which helps us to mount attacks on the variants. |