RSA system is based on the hardness of the integer factorization problem (IFP). Given an RSA modulusN=pq, it is difficult to determine the prime factorspandqefficiently. One of the most famous short exponent attacks on RSA is the Wiener attack. In 1997, Verheul and van Tilborg use an exhaustive search to extend the boundary of the Wiener attack. Their result shows that the cost of exhaustive search is2r+8bits when extending the Weiner's boundaryrbits. In this paper, we first reduce the cost of exhaustive search from2r+8bits to2r+2bits. Then, we propose a method named EPF. With EPF, the cost of exhaustive search is further reduced to2r-6bits when we extend Weiner's boundaryrbits. It means that our result is 214times faster than Verheul and van Tilborg's result. Besides, the security boundary is extended 7 bits.
展开▼
