|
[1] R. J. Anderson, “A practical RSA trapdoor,” Electronic Letters, vol. 29, no. 11, p. 995, 1993. [2] A. Shamir, “Partial Key Escrow: A new approach to software key escrow,” Proc. of the Key Escrow Conf., Washington, 1995 [3] D. Boneh and G. Durfee, “Cryptanalysis of RSA with private key d less than n0.292,” IEEE Trans. Inf. Theory, vol. 46, no. 4, pp. 1339-1349, 2000. [4] D. Boneh, G. Durfee, and Y. Frankel, “An attack on RSA given a small fraction of the private key bits,” Advances in Cryptology–ASIACRYPT ’98 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 1514, pp. 25-34, 1998. [5] D. Boneh and R. Venkatesan, “Breaking RSA may not be equivalent to factoring,” Advances in Cryptology–EUROCRYPT '98 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 1233, pp. 59-71, 1998. [6] D. Coppersmith, “Finding a small root of a bivariate integer equation: factoring with high bits known,” Advances in Cryptology–EUROCRYPT ’96 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 1070, pp. 178-189, 1996. [7] D. Coppersmith, “Small solutions to polynomial equations, and low exponent RSA vulnerabilities,” J. Cryptology, vol. 10, pp.233-260, 1997. [8] Z. Chai, Z. Cao, and R. Lu, “ID-based threshold decryption without random oracles and its application in key escrow,” Proc. of the 3rd Int. Conf. on Inf. Security, November 14-16, 2004. [9] C. Coupé, P. Nguyen, and J. Stern, “The Effectiveness of Lattice Attacks Against Low-Exponent RSA,” Public Key Cryptography–PKC’ 99 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 1560, pp. 204-218, 1999. [10] C. Crépeau and A. Slakmon, “Simple backdoors for RSA key generation,” Topics in Cryptology—CT-RSA ’03 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 2612, pp. 403-416, 2003. [11] D.E. Denning, “The US key escrow encryption technology,” Computer Communications, vol. 17, no.7, pp.453-457, 1994. [12] W. Diffie and M. Hellman, “New Directions in Cryptography,” IEEE Trans. Inf. Theory, vol. 22, no. 6, pp. 644-654, 1976. [13] G. Durfee and P. Q. Nguyen, “Cryptanalysis of the RSA Schemes with Short Secret Exponent form Asiacrypt '99,” Advances in Cryptology-ASIACRYPT ’00 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 1976, pp. 1-11, 2000. [14] N. Howgrave-Graham, “Finding small roots of univariate modular equations revisited,” Proc. of Cryptography and Coding (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 1355, pp. 131-142, 1997. [15] S. D. Galbraith, C. Heneghan, and J. F. Mckee, “Tunable balancing of RSA,” Inf. Security and Privacy: 10th Australasian Conf.–ACISP ’05 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 3574, pp. 280-292, 2005. [16] J. Hasted, “On Using RSA with Low Exponent in a Public Key Network,” Advances in Cryptology–CRYPTO ’85 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, pp. 403-408, 1986. [17] M. J. Hinek, “Lattice Attacks in Cryptography: A Partial Overview,” Technical Report CACR 2004-08, University of Waterloo, 2004. [18] M Jason Hinek, Mo King Low, and Edlyn Teske, “On some attacks on multi-prime RSA,” Selected Areas in Cryptography–SAC ’02 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 2595, pp. 385-404, 2002. [19] Jihoon Cho, “Ten Years of RSA Cheating Cryptosystems,” MMath Essay, Dept. of Combinatorics & Optimization, University of Waterloo, 2004. [20] B. S. Kaliski, “Anderson’s RSA trapdoor can be broken,” Electronics Letters, vol. 29, no.15, p. 1387, 1993. [21] A. K. Lenstra, H. W. Lenstra, and L. Lovász, “Factoring polynomials with rational coefficients,” Mathematische Annalen 261, pp. 515-534, 1982. [22] A. May, “Cryptanalysis of unbalanced RSA with small CRT-exponent,” Advances in Cryptology–CRYPTO ’02 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 2442, pp. 242-256, 2002. [23] J. Nechvatal, "A public-key-based key escrow system," J. of Systems and Software, vol. 35, no. 1, pp. 73-83, 1996. [24] I. Niven and H. S. Zuckerman, An introduction to the theory of number, John Wiley and Sons Inc., 1991. [25] J. J. Quisquater and C. Couvreur, “Fast decipherment algorithm for RSA public key cryptosystem,” Electronic Letters, vol. 18, pp. 905-907, 1982. [26] M. Rabin, “Digitalized signatures and public-key functions as intractable as factorization,” Technical Report, MIT/LCS/TR212, MIT Lab., Computer Science, Cambridge, January 1979. [27] R. L. Rivest and A. Shamir, “Efficient factoring based on partial information,” Advances in Cryptology–EUROCRYPT ’85 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 219, pp. 31-34, 1985. [28] R. Rivest and R. D. Silverman, “Are ‘strong’ primes needed for RSA,” the 1997 RSA Laboratories Seminar Series, Seminars Proceedings, 1997. [29] R. Rivest, A. Shamir, and L. Aldeman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Communications of the ACM, vol. 21, no.2, pp.120-126, 1978. [30] H. M. Sun, M. J. Hinek and M. E. Wu, “On the Design of Rebalanced RSA-CRT,” Technical Report CACR 2005-35. The paper is available from http://www.cacr.math.uwaterloo.ca/techreports/2005/cacr2005-35.pdf. [31] H. M. Sun and C. T. Yang, “RSA with Balanced Short Exponents and Its Application of Entity Authentication,” Public Key Cryptography–PKC ’05 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, pp. 199-215, 2005. [32] Wade Trappe and Lawrence C. Washington, Introduction to Cryptography with coding theory, Practice-Hall, Inc., 2002. [33] E. Verheul and H. van Tilborg, “Cryptanalysis of less short RSA secret exponents,” Applicable Algebra in Engineering, Communication and Computing. Berlin Germany: Springer-Verlag, vol. 8, pp. 425-435, 1997. [34] M. Wiener, “Cryptanalysis of short RSA secret exponents,” IEEE Trans. Inf. Theory, vol. 36, no. 3, pp. 553-558, 1990. [35] A. Young and M. Yung, “The Dark Side of Black-Box Cryptography or: Should We Trust Capstone?” Advances in Cryptology–CRYPTO ’96 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 1109, pp 89-103, 1996. [36] A. Young and M. Yung, “Kleptography : Using cryptography against cryptography” Advances in Cryptology–EUROCRYPT ’97 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 1233, pp. 62-74, 1997. [37] A. Young and M. Yung, “A space efficient backdoor in RSA and its applications,” Selected Areas in Cryptography–SAC ’05 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 3897, pp. 128-143, 2005. [38] A. Young and M. Yung, “Malicious cryptography: kleptographic aspects,” Topics in Cryptology—CT-RSA ’05 (Lecture Notes in Computer Science). Berlin Germany: Springer-Verlag, vol. 3376, pp. 7-18, 2005. [39] NTL website: http://www.shoup.net/ntl/. [40] GMP website: http://www.swox.com/gmp/.
|