When e-th Roots Become Easier Than Factoring
Identifieur interne : 005364 ( Hal/Curation ); précédent : 005363; suivant : 005365When e-th Roots Become Easier Than Factoring
Auteurs : Antoine Joux [France] ; David Naccache [France] ; Emmanuel Thomé [France]Source :
English descriptors
Abstract
We show that computing $e$-th roots modulo $n$ is easier than factoring $n$ with currently known methods, given subexponential access to an oracle outputting the roots of numbers of the form $x_i + c$. Here $c$ is fixed and $x_i$ denotes small integers of the attacker's choosing. Several variants of the attack are presented, with varying assumptions on the oracle, and goals ranging from selective to universal forgeries. The computational complexity of the attack is $L_n(\frac{1}{3}, \sqrt[3]{\frac{32}{9}})$ in most significant situations, which matches the {\sl special} number field sieve's ({\sc snfs}) complexity. This sheds additional light on {\sc rsa}'s malleability in general and on {\sc rsa}'s resistance to affine forgeries in particular -- a problem known to be polynomial for $x_i > \sqrt[3]{n}$, but for which no algorithm faster than factoring was known before this work.
Url:
DOI: 10.1007/978-3-540-76900-2_2
Links toward previous steps (curation, corpus...)
- to stream Hal, to step Corpus: Pour aller vers cette notice dans l'étape Curation :005364
Links to Exploration step
Hal:inria-00187782Le document en format XML
<record><TEI><teiHeader><fileDesc><titleStmt><title xml:lang="en">When e-th Roots Become Easier Than Factoring</title><author><name sortKey="Joux, Antoine" sort="Joux, Antoine" uniqKey="Joux A" first="Antoine" last="Joux">Antoine Joux</name><affiliation wicri:level="1"><hal:affiliation type="laboratory" xml:id="struct-31978" status="VALID"><idno type="IdRef">183458028</idno><idno type="RNSR">200312800E</idno><orgName>Parallélisme, Réseaux, Systèmes, Modélisation</orgName><orgName type="acronym">PRISM</orgName><date type="start">2003</date><desc><address><addrLine>UFR des sciences PRISM Bâtiment Descartes 45 avenue des Etats-Unis78035 VERSAILLES</addrLine><country key="FR"></country></address><ref type="url">http://www.prism.uvsq.fr/</ref></desc><listRelation><relation name="FRE3709" active="#struct-81173" type="direct"></relation><relation name="UMR8144" active="#struct-441569" type="direct"></relation></listRelation><tutelles><tutelle name="FRE3709" active="#struct-81173" type="direct"><org type="institution" xml:id="struct-81173" status="VALID"><idno type="IdRef">03082057X</idno><idno type="ISNI">0000 0001 2323 0229 </idno><orgName>Université de Versailles Saint-Quentin-en-Yvelines</orgName><orgName type="acronym">UVSQ</orgName><date type="start">1991-07-22</date><desc><address><addrLine>55 avenue de Paris - 78035 Versailles cedex</addrLine><country key="FR"></country></address><ref type="url">http://www.uvsq.fr/</ref></desc></org></tutelle><tutelle name="UMR8144" active="#struct-441569" type="direct"><org type="institution" xml:id="struct-441569" status="VALID"><idno type="ISNI">0000000122597504</idno><idno type="IdRef">02636817X</idno><orgName>Centre National de la Recherche Scientifique</orgName><orgName type="acronym">CNRS</orgName><date type="start">1939-10-19</date><desc><address><country key="FR"></country></address><ref type="url">http://www.cnrs.fr/</ref></desc></org></tutelle></tutelles></hal:affiliation><country>France</country><placeName><settlement type="city">Versailles</settlement><region type="region" nuts="2">Île-de-France</region></placeName><orgName type="university">Université de Versailles-Saint-Quentin-en-Yvelines</orgName></affiliation></author><author><name sortKey="Naccache, David" sort="Naccache, David" uniqKey="Naccache D" first="David" last="Naccache">David Naccache</name><affiliation wicri:level="1"><hal:affiliation type="laboratory" xml:id="struct-1315" status="VALID"><orgName>Laboratoire d'informatique de l'école normale supérieure</orgName><orgName type="acronym">LIENS</orgName><desc><address><addrLine>45 Rue d'Ulm 75230 PARIS CEDEX 05</addrLine><country key="FR"></country></address><ref type="url">http://www.di.ens.fr</ref></desc><listRelation><relation active="#struct-59704" type="direct"></relation><relation name="UMR8548" active="#struct-441569" type="direct"></relation></listRelation><tutelles><tutelle active="#struct-59704" type="direct"><org type="institution" xml:id="struct-59704" status="VALID"><orgName>École normale supérieure - Paris</orgName><orgName type="acronym">ENS Paris</orgName><desc><address><addrLine>45, Rue d'Ulm - 75230 Paris cedex 05</addrLine><country key="FR"></country></address><ref type="url">http://www.ens.fr</ref></desc></org></tutelle><tutelle name="UMR8548" active="#struct-441569" type="direct"><org type="institution" xml:id="struct-441569" status="VALID"><idno type="ISNI">0000000122597504</idno><idno type="IdRef">02636817X</idno><orgName>Centre National de la Recherche Scientifique</orgName><orgName type="acronym">CNRS</orgName><date type="start">1939-10-19</date><desc><address><country key="FR"></country></address><ref type="url">http://www.cnrs.fr/</ref></desc></org></tutelle></tutelles></hal:affiliation><country>France</country></affiliation></author><author><name sortKey="Thome, Emmanuel" sort="Thome, Emmanuel" uniqKey="Thome E" first="Emmanuel" last="Thomé">Emmanuel Thomé</name><affiliation wicri:level="1"><hal:affiliation type="researchteam" xml:id="struct-24434" status="OLD"><idno type="RNSR">200618304Z</idno><orgName>Curves, Algebra, Computer Arithmetic, and so On</orgName><orgName type="acronym">CACAO</orgName><desc><address><country key="FR"></country></address><ref type="url">http://www.inria.fr/equipes/cacao</ref></desc><listRelation><relation active="#struct-160" type="direct"></relation><relation name="UMR7503" active="#struct-441569" type="indirect"></relation><relation active="#struct-300009" type="indirect"></relation><relation active="#struct-300291" type="indirect"></relation><relation active="#struct-300292" type="indirect"></relation><relation active="#struct-300293" type="indirect"></relation><relation active="#struct-2496" type="direct"></relation></listRelation><tutelles><tutelle active="#struct-160" type="direct"><org type="laboratory" xml:id="struct-160" status="OLD"><orgName>Laboratoire Lorrain de Recherche en Informatique et ses Applications</orgName><orgName type="acronym">LORIA</orgName><desc><address><addrLine>Campus Scientifique BP 239 54506 Vandoeuvre-lès-Nancy Cedex</addrLine><country key="FR"></country></address><ref type="url">http://www.loria.fr</ref></desc><listRelation><relation name="UMR7503" active="#struct-441569" type="direct"></relation><relation active="#struct-300009" type="direct"></relation><relation active="#struct-300291" type="direct"></relation><relation active="#struct-300292" type="direct"></relation><relation active="#struct-300293" type="direct"></relation></listRelation></org></tutelle><tutelle name="UMR7503" active="#struct-441569" type="indirect"><org type="institution" xml:id="struct-441569" status="VALID"><idno type="ISNI">0000000122597504</idno><idno type="IdRef">02636817X</idno><orgName>Centre National de la Recherche Scientifique</orgName><orgName type="acronym">CNRS</orgName><date type="start">1939-10-19</date><desc><address><country key="FR"></country></address><ref type="url">http://www.cnrs.fr/</ref></desc></org></tutelle><tutelle active="#struct-300009" type="indirect"><org type="institution" xml:id="struct-300009" status="VALID"><orgName>Institut National de Recherche en Informatique et en Automatique</orgName><orgName type="acronym">Inria</orgName><desc><address><addrLine>Domaine de VoluceauRocquencourt - BP 10578153 Le Chesnay Cedex</addrLine><country key="FR"></country></address><ref type="url">http://www.inria.fr/en/</ref></desc></org></tutelle><tutelle active="#struct-300291" type="indirect"><org type="institution" xml:id="struct-300291" status="OLD"><orgName>Université Henri Poincaré - Nancy 1</orgName><orgName type="acronym">UHP</orgName><date type="end">2011-12-31</date><desc><address><addrLine>24-30 rue Lionnois, BP 60120, 54 003 NANCY cedex, France</addrLine><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-300292" type="indirect"><org type="institution" xml:id="struct-300292" status="OLD"><orgName>Université Nancy 2</orgName><date type="end">2011-12-31</date><desc><address><addrLine>91 avenue de la Libération, BP 454, 54001 Nancy cedex</addrLine><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-300293" type="indirect"><org type="institution" xml:id="struct-300293" status="OLD"><orgName>Institut National Polytechnique de Lorraine</orgName><orgName type="acronym">INPL</orgName><date type="end">2011-12-31</date><desc><address><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-2496" type="direct"><org type="laboratory" xml:id="struct-2496" status="OLD"><orgName>INRIA Lorraine</orgName><desc><address><addrLine>615 rue du Jardin Botanique 54600 Villers-lès-Nancy</addrLine><country key="FR"></country></address><ref type="url">http://www.inria.fr/centre-de-recherche-inria/nancy-grand-est</ref></desc><listRelation><relation active="#struct-300009" type="direct"></relation></listRelation></org></tutelle></tutelles></hal:affiliation><country>France</country><placeName><settlement type="city">Nancy</settlement><region type="region" nuts="2">Grand Est</region><region type="old region" nuts="2">Lorraine (région)</region></placeName><orgName type="university">Université Nancy 2</orgName><orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName><placeName><settlement type="city">Nancy</settlement><region type="region" nuts="2">Grand Est</region><region type="old region" nuts="2">Lorraine (région)</region></placeName><orgName type="university">Institut national polytechnique de Lorraine</orgName><orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName></affiliation></author></titleStmt><publicationStmt><idno type="wicri:source">HAL</idno><idno type="RBID">Hal:inria-00187782</idno><idno type="halId">inria-00187782</idno><idno type="halUri">https://hal.inria.fr/inria-00187782</idno><idno type="url">https://hal.inria.fr/inria-00187782</idno><idno type="doi">10.1007/978-3-540-76900-2_2</idno><date when="2007-12">2007-12</date><idno type="wicri:Area/Hal/Corpus">005364</idno><idno type="wicri:Area/Hal/Curation">005364</idno></publicationStmt><sourceDesc><biblStruct><analytic><title xml:lang="en">When e-th Roots Become Easier Than Factoring</title><author><name sortKey="Joux, Antoine" sort="Joux, Antoine" uniqKey="Joux A" first="Antoine" last="Joux">Antoine Joux</name><affiliation wicri:level="1"><hal:affiliation type="laboratory" xml:id="struct-31978" status="VALID"><idno type="IdRef">183458028</idno><idno type="RNSR">200312800E</idno><orgName>Parallélisme, Réseaux, Systèmes, Modélisation</orgName><orgName type="acronym">PRISM</orgName><date type="start">2003</date><desc><address><addrLine>UFR des sciences PRISM Bâtiment Descartes 45 avenue des Etats-Unis78035 VERSAILLES</addrLine><country key="FR"></country></address><ref type="url">http://www.prism.uvsq.fr/</ref></desc><listRelation><relation name="FRE3709" active="#struct-81173" type="direct"></relation><relation name="UMR8144" active="#struct-441569" type="direct"></relation></listRelation><tutelles><tutelle name="FRE3709" active="#struct-81173" type="direct"><org type="institution" xml:id="struct-81173" status="VALID"><idno type="IdRef">03082057X</idno><idno type="ISNI">0000 0001 2323 0229 </idno><orgName>Université de Versailles Saint-Quentin-en-Yvelines</orgName><orgName type="acronym">UVSQ</orgName><date type="start">1991-07-22</date><desc><address><addrLine>55 avenue de Paris - 78035 Versailles cedex</addrLine><country key="FR"></country></address><ref type="url">http://www.uvsq.fr/</ref></desc></org></tutelle><tutelle name="UMR8144" active="#struct-441569" type="direct"><org type="institution" xml:id="struct-441569" status="VALID"><idno type="ISNI">0000000122597504</idno><idno type="IdRef">02636817X</idno><orgName>Centre National de la Recherche Scientifique</orgName><orgName type="acronym">CNRS</orgName><date type="start">1939-10-19</date><desc><address><country key="FR"></country></address><ref type="url">http://www.cnrs.fr/</ref></desc></org></tutelle></tutelles></hal:affiliation><country>France</country><placeName><settlement type="city">Versailles</settlement><region type="region" nuts="2">Île-de-France</region></placeName><orgName type="university">Université de Versailles-Saint-Quentin-en-Yvelines</orgName></affiliation></author><author><name sortKey="Naccache, David" sort="Naccache, David" uniqKey="Naccache D" first="David" last="Naccache">David Naccache</name><affiliation wicri:level="1"><hal:affiliation type="laboratory" xml:id="struct-1315" status="VALID"><orgName>Laboratoire d'informatique de l'école normale supérieure</orgName><orgName type="acronym">LIENS</orgName><desc><address><addrLine>45 Rue d'Ulm 75230 PARIS CEDEX 05</addrLine><country key="FR"></country></address><ref type="url">http://www.di.ens.fr</ref></desc><listRelation><relation active="#struct-59704" type="direct"></relation><relation name="UMR8548" active="#struct-441569" type="direct"></relation></listRelation><tutelles><tutelle active="#struct-59704" type="direct"><org type="institution" xml:id="struct-59704" status="VALID"><orgName>École normale supérieure - Paris</orgName><orgName type="acronym">ENS Paris</orgName><desc><address><addrLine>45, Rue d'Ulm - 75230 Paris cedex 05</addrLine><country key="FR"></country></address><ref type="url">http://www.ens.fr</ref></desc></org></tutelle><tutelle name="UMR8548" active="#struct-441569" type="direct"><org type="institution" xml:id="struct-441569" status="VALID"><idno type="ISNI">0000000122597504</idno><idno type="IdRef">02636817X</idno><orgName>Centre National de la Recherche Scientifique</orgName><orgName type="acronym">CNRS</orgName><date type="start">1939-10-19</date><desc><address><country key="FR"></country></address><ref type="url">http://www.cnrs.fr/</ref></desc></org></tutelle></tutelles></hal:affiliation><country>France</country></affiliation></author><author><name sortKey="Thome, Emmanuel" sort="Thome, Emmanuel" uniqKey="Thome E" first="Emmanuel" last="Thomé">Emmanuel Thomé</name><affiliation wicri:level="1"><hal:affiliation type="researchteam" xml:id="struct-24434" status="OLD"><idno type="RNSR">200618304Z</idno><orgName>Curves, Algebra, Computer Arithmetic, and so On</orgName><orgName type="acronym">CACAO</orgName><desc><address><country key="FR"></country></address><ref type="url">http://www.inria.fr/equipes/cacao</ref></desc><listRelation><relation active="#struct-160" type="direct"></relation><relation name="UMR7503" active="#struct-441569" type="indirect"></relation><relation active="#struct-300009" type="indirect"></relation><relation active="#struct-300291" type="indirect"></relation><relation active="#struct-300292" type="indirect"></relation><relation active="#struct-300293" type="indirect"></relation><relation active="#struct-2496" type="direct"></relation></listRelation><tutelles><tutelle active="#struct-160" type="direct"><org type="laboratory" xml:id="struct-160" status="OLD"><orgName>Laboratoire Lorrain de Recherche en Informatique et ses Applications</orgName><orgName type="acronym">LORIA</orgName><desc><address><addrLine>Campus Scientifique BP 239 54506 Vandoeuvre-lès-Nancy Cedex</addrLine><country key="FR"></country></address><ref type="url">http://www.loria.fr</ref></desc><listRelation><relation name="UMR7503" active="#struct-441569" type="direct"></relation><relation active="#struct-300009" type="direct"></relation><relation active="#struct-300291" type="direct"></relation><relation active="#struct-300292" type="direct"></relation><relation active="#struct-300293" type="direct"></relation></listRelation></org></tutelle><tutelle name="UMR7503" active="#struct-441569" type="indirect"><org type="institution" xml:id="struct-441569" status="VALID"><idno type="ISNI">0000000122597504</idno><idno type="IdRef">02636817X</idno><orgName>Centre National de la Recherche Scientifique</orgName><orgName type="acronym">CNRS</orgName><date type="start">1939-10-19</date><desc><address><country key="FR"></country></address><ref type="url">http://www.cnrs.fr/</ref></desc></org></tutelle><tutelle active="#struct-300009" type="indirect"><org type="institution" xml:id="struct-300009" status="VALID"><orgName>Institut National de Recherche en Informatique et en Automatique</orgName><orgName type="acronym">Inria</orgName><desc><address><addrLine>Domaine de VoluceauRocquencourt - BP 10578153 Le Chesnay Cedex</addrLine><country key="FR"></country></address><ref type="url">http://www.inria.fr/en/</ref></desc></org></tutelle><tutelle active="#struct-300291" type="indirect"><org type="institution" xml:id="struct-300291" status="OLD"><orgName>Université Henri Poincaré - Nancy 1</orgName><orgName type="acronym">UHP</orgName><date type="end">2011-12-31</date><desc><address><addrLine>24-30 rue Lionnois, BP 60120, 54 003 NANCY cedex, France</addrLine><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-300292" type="indirect"><org type="institution" xml:id="struct-300292" status="OLD"><orgName>Université Nancy 2</orgName><date type="end">2011-12-31</date><desc><address><addrLine>91 avenue de la Libération, BP 454, 54001 Nancy cedex</addrLine><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-300293" type="indirect"><org type="institution" xml:id="struct-300293" status="OLD"><orgName>Institut National Polytechnique de Lorraine</orgName><orgName type="acronym">INPL</orgName><date type="end">2011-12-31</date><desc><address><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-2496" type="direct"><org type="laboratory" xml:id="struct-2496" status="OLD"><orgName>INRIA Lorraine</orgName><desc><address><addrLine>615 rue du Jardin Botanique 54600 Villers-lès-Nancy</addrLine><country key="FR"></country></address><ref type="url">http://www.inria.fr/centre-de-recherche-inria/nancy-grand-est</ref></desc><listRelation><relation active="#struct-300009" type="direct"></relation></listRelation></org></tutelle></tutelles></hal:affiliation><country>France</country><placeName><settlement type="city">Nancy</settlement><region type="region" nuts="2">Grand Est</region><region type="old region" nuts="2">Lorraine (région)</region></placeName><orgName type="university">Université Nancy 2</orgName><orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName><placeName><settlement type="city">Nancy</settlement><region type="region" nuts="2">Grand Est</region><region type="old region" nuts="2">Lorraine (région)</region></placeName><orgName type="university">Institut national polytechnique de Lorraine</orgName><orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName></affiliation></author></analytic><idno type="DOI">10.1007/978-3-540-76900-2_2</idno></biblStruct></sourceDesc></fileDesc><profileDesc><textClass><keywords scheme="mix" xml:lang="en"><term>factoring</term><term>nfs</term><term>roots</term><term>rsa</term></keywords></textClass></profileDesc></teiHeader><front><div type="abstract" xml:lang="en">We show that computing $e$-th roots modulo $n$ is easier than factoring $n$ with currently known methods, given subexponential access to an oracle outputting the roots of numbers of the form $x_i + c$. Here $c$ is fixed and $x_i$ denotes small integers of the attacker's choosing. Several variants of the attack are presented, with varying assumptions on the oracle, and goals ranging from selective to universal forgeries. The computational complexity of the attack is $L_n(\frac{1}{3}, \sqrt[3]{\frac{32}{9}})$ in most significant situations, which matches the {\sl special} number field sieve's ({\sc snfs}) complexity. This sheds additional light on {\sc rsa}'s malleability in general and on {\sc rsa}'s resistance to affine forgeries in particular -- a problem known to be polynomial for $x_i > \sqrt[3]{n}$, but for which no algorithm faster than factoring was known before this work.</div></front></TEI><hal api="V3"><titleStmt><title xml:lang="en">When e-th Roots Become Easier Than Factoring</title><author role="aut"><persName><forename type="first">Antoine</forename><surname>Joux</surname></persName><email></email><idno type="idhal">antoine-joux</idno><idno type="halauthor">225188</idno><orgName ref="#struct-364194"></orgName><affiliation ref="#struct-31978"></affiliation></author><author role="aut"><persName><forename type="first">David</forename><surname>Naccache</surname></persName><email></email><idno type="halauthor">225189</idno><orgName ref="#struct-59704"></orgName><affiliation ref="#struct-1315"></affiliation></author><author role="aut"><persName><forename type="first">Emmanuel</forename><surname>Thomé</surname></persName><email>Emmanuel.Thome@normalesup.org</email><idno type="halauthor">138517</idno><orgName ref="#struct-300009"></orgName><affiliation ref="#struct-24434"></affiliation></author><editor role="depositor"><persName><forename>Emmanuel</forename><surname>Thomé</surname></persName><email>Emmanuel.Thome@inria.fr</email></editor></titleStmt><editionStmt><edition n="v1" type="current"><date type="whenSubmitted">2007-11-15 11:41:44</date><date type="whenModified">2016-05-19 01:09:22</date><date type="whenReleased">2007-11-15 11:45:03</date><date type="whenProduced">2007-12</date><date type="whenEndEmbargoed">2007-11-15</date><ref type="file" target="https://hal.inria.fr/inria-00187782/document"><date notBefore="2007-11-15"></date></ref><ref type="file" subtype="author" n="1" target="https://hal.inria.fr/inria-00187782/file/nfsforge.pdf"><date notBefore="2007-11-15"></date></ref></edition><respStmt><resp>contributor</resp><name key="103937"><persName><forename>Emmanuel</forename><surname>Thomé</surname></persName><email>Emmanuel.Thome@inria.fr</email></name></respStmt></editionStmt><publicationStmt><distributor>CCSD</distributor><idno type="halId">inria-00187782</idno><idno type="halUri">https://hal.inria.fr/inria-00187782</idno><idno type="halBibtex">joux:inria-00187782</idno><idno type="halRefHtml">Kaoru Kurosawa. 13th International Conference on the Theory and Application of Cryptology and Information Security - ASIACRYPT 2007, Dec 2007, Kuching, Malaysia. Springer Berlin / Heidelberg, 4833, pp.13-28, 2007, Lecture Notes in Computer Science; Advances in Cryptology -- ASIACRYPT 2007 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2-6, 2007. Proceedings. <10.1007/978-3-540-76900-2_2></idno><idno type="halRef">Kaoru Kurosawa. 13th International Conference on the Theory and Application of Cryptology and Information Security - ASIACRYPT 2007, Dec 2007, Kuching, Malaysia. Springer Berlin / Heidelberg, 4833, pp.13-28, 2007, Lecture Notes in Computer Science; Advances in Cryptology -- ASIACRYPT 2007 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2-6, 2007. Proceedings. <10.1007/978-3-540-76900-2_2></idno></publicationStmt><seriesStmt><idno type="stamp" n="CNRS">CNRS - Centre national de la recherche scientifique</idno><idno type="stamp" n="INRIA">INRIA - Institut National de Recherche en Informatique et en Automatique</idno><idno type="stamp" n="INPL">Institut National Polytechnique de Lorraine</idno><idno type="stamp" n="ENS-PARIS">Ecole Normale Supérieure de Paris</idno><idno type="stamp" n="PRISM">Parallélisme, Réseaux, Systèmes d'information, Modélisation</idno><idno type="stamp" n="LORIA2">Publications du LORIA</idno><idno type="stamp" n="INRIA-NANCY-GRAND-EST">INRIA Nancy - Grand Est</idno><idno type="stamp" n="LORIA-ACGI" p="LORIA">Algorithmique, calcul, image et géométrie</idno><idno type="stamp" n="LORIA">LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications</idno><idno type="stamp" n="UVSQ">Université de Versailles Saint-Quentin-en-Yvelines</idno><idno type="stamp" n="UNIV-LORRAINE">Université de Lorraine</idno><idno type="stamp" n="INRIA-LORRAINE">INRIA Nancy - Grand Est</idno><idno type="stamp" n="LABO-LORIA-SET" p="LORIA">LABO-LORIA-SET</idno></seriesStmt><notesStmt><note type="commentary">The original publications is available at www.springerlink.com ; ISBN 978-3-540-76899-9 ; ISSN 0302-9743 (Print) 1611-3349 (Online)</note><note type="audience" n="2">International</note><note type="invited" n="0">No</note><note type="popular" n="0">No</note><note type="peer" n="1">Yes</note><note type="proceedings" n="1">Yes</note></notesStmt><sourceDesc><biblStruct><analytic><title xml:lang="en">When e-th Roots Become Easier Than Factoring</title><author role="aut"><persName><forename type="first">Antoine</forename><surname>Joux</surname></persName><idno type="idHal">antoine-joux</idno><idno type="halAuthorId">225188</idno><orgName ref="#struct-364194"></orgName><affiliation ref="#struct-31978"></affiliation></author><author role="aut"><persName><forename type="first">David</forename><surname>Naccache</surname></persName><idno type="halAuthorId">225189</idno><orgName ref="#struct-59704"></orgName><affiliation ref="#struct-1315"></affiliation></author><author role="aut"><persName><forename type="first">Emmanuel</forename><surname>Thomé</surname></persName><email>Emmanuel.Thome@normalesup.org</email><idno type="halAuthorId">138517</idno><orgName ref="#struct-300009"></orgName><affiliation ref="#struct-24434"></affiliation></author></analytic><monogr><meeting><title>13th International Conference on the Theory and Application of Cryptology and Information Security - ASIACRYPT 2007</title><date type="start">2007-12</date><settlement>Kuching</settlement><country key="MY">Malaysia</country></meeting><respStmt><resp>conferenceOrganizer</resp><name>International Association for Cryptologic Research</name></respStmt><editor>Kaoru Kurosawa</editor><imprint><publisher>Springer Berlin / Heidelberg</publisher><biblScope unit="serie"></biblScope><biblScope unit="volume">4833</biblScope><biblScope unit="pp">13-28</biblScope><date type="datePub">2007</date></imprint></monogr><idno type="doi">10.1007/978-3-540-76900-2_2</idno></biblStruct></sourceDesc><profileDesc><langUsage><language ident="en">English</language></langUsage><textClass><keywords scheme="author"><term xml:lang="en">rsa</term><term xml:lang="en">factoring</term><term xml:lang="en">nfs</term><term xml:lang="en">roots</term></keywords><classCode scheme="halDomain" n="info.info-cr">Computer Science [cs]/Cryptography and Security [cs.CR]</classCode><classCode scheme="halTypology" n="COMM">Conference papers</classCode></textClass><abstract xml:lang="en">We show that computing $e$-th roots modulo $n$ is easier than factoring $n$ with currently known methods, given subexponential access to an oracle outputting the roots of numbers of the form $x_i + c$. Here $c$ is fixed and $x_i$ denotes small integers of the attacker's choosing. Several variants of the attack are presented, with varying assumptions on the oracle, and goals ranging from selective to universal forgeries. The computational complexity of the attack is $L_n(\frac{1}{3}, \sqrt[3]{\frac{32}{9}})$ in most significant situations, which matches the {\sl special} number field sieve's ({\sc snfs}) complexity. This sheds additional light on {\sc rsa}'s malleability in general and on {\sc rsa}'s resistance to affine forgeries in particular -- a problem known to be polynomial for $x_i > \sqrt[3]{n}$, but for which no algorithm faster than factoring was known before this work.</abstract></profileDesc></hal></record>Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Lorraine/explor/InforLorV4/Data/Hal/Curation
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 005364 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Hal/Curation/biblio.hfd -nk 005364 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Wicri/Lorraine
|area= InforLorV4
|flux= Hal
|étape= Curation
|type= RBID
|clé= Hal:inria-00187782
|texte= When e-th Roots Become Easier Than Factoring
}}
| This area was generated with Dilib version V0.6.33. |  |