
Reverse Baby-step $2^k$-ary Adult-step Method for $\phi(n)$ Decryption of Asymmetric-key RSA

  • Lee, Sang-Un (Dept. of Multimedia Eng., Gangneung-Wonju National University)
  • Received: 2014.08.13
  • Reviewed: 2014.12.12
  • Published: 2014.12.31

Abstract

When the public key $e$ and the composite number $n = pq$ of an asymmetric-key RSA system are known but the private key $d$ is not, the private key is recovered by obtaining $\phi(n) = (p-1)(q-1) = n + 1 - (p+q)$ and then computing $d = e^{-1} \pmod{\phi(n)}$. The most commonly used approach is integer factorization, finding $n/p = q$ or $a^2 \equiv b^2 \pmod{n}$ with $a = (p+q)/2$, $b = (q-p)/2$. However, many of the RSA numbers remain unfactored. This paper therefore proposes an algorithm that obtains $\phi(n)$ directly, applying the baby-step giant-step method for discrete logarithms and the $2^k$-ary method for modular exponentiation. The proposed algorithm performs a reverse baby-step and a $2^k$-ary adult-step. As a result, it reduces the number of basic adult-step executions to $1/2^k$ and the memory requirement from $m = \lceil\sqrt{n}\rceil$ to $l$, where $a^l > n$, obtaining $\phi(n)$ within $l$ executions.
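The idea in the abstract, illustrated with the textbook baby-step giant-step search rather than the paper's reverse baby-step / $2^k$-ary adult-step variant. This is an added example, not code from the paper; the function names, the base `a = 2` and the toy moduli are constructed for illustration.

```python
from math import isqrt

def recover_phi(n, a=2):
    """Return phi(n) for n = p*q (distinct odd primes), or None if not found.

    Since a^phi(n) = 1 (mod n) and phi(n) = n + 1 - (p + q), the unknown
    s = p + q satisfies a^s = a^(n+1) (mod n), with s >= 2*sqrt(n).
    """
    lo = isqrt(4 * n - 1) + 1          # smallest integer s with s*s >= 4n
    m = isqrt(isqrt(n)) + 1            # baby-step table size, about n^(1/4)
    inv_a = pow(a, -1, n)              # raises ValueError if gcd(a, n) != 1
    # Baby steps: a^j mod n -> every j in [0, m) producing that value.
    table, x = {}, 1
    for j in range(m):
        table.setdefault(x, []).append(j)
        x = x * a % n
    # Giant steps: gamma_i = a^(n+1-lo-i*m); a^j == gamma_i means s = lo+i*m+j.
    gamma = pow(a, n + 1, n) * pow(inv_a, lo, n) % n
    stride = pow(inv_a, m, n)
    for i in range((n - lo) // m + 1):
        for j in table.get(gamma, ()):
            s = lo + i * m + j
            # s is only known modulo ord(a): accept it only if x^2 - s*x + n
            # has integer roots p, q with p*q == n and p > 1.
            r = isqrt(s * s - 4 * n)
            p = (s - r) // 2
            if r * r == s * s - 4 * n and p > 1 and p * (s - p) == n:
                return n + 1 - s
        gamma = gamma * stride % n
    return None

def private_exponent(e, phi):
    """d = e^(-1) mod phi(n), as in the abstract."""
    return pow(e, -1, phi)

if __name__ == "__main__":
    # Constructed toy moduli (61*53 and 101*1009), small enough to search.
    for n, e in [(3233, 17), (101 * 1009, 65537)]:
        phi = recover_phi(n)
        print(n, phi, private_exponent(e, phi))
```

The number of giant steps grows with $(p+q) - 2\sqrt{n}$, so the search finishes immediately when the primes are close together and slows as they diverge.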
