The better bound of private key in RSA with unbalanced primes

摘要

At Asiacrypt ’99, Sun, Yang and Laih proposed three different schemes of RSA cryptosystem to avoid all known attacks including Boneh–Durfee attack. One year after, Durfee and Nguyen attacked two out of these three schemes based on Coppersmith’s lattice technique for finding small roots to trivariate modular polynomial equations. The bounds of private key for the first and third schemes were much improved, but the bound of the second scheme was not good enough. Our result improves Durfee and Nguyen’s bound of the private exponent d from N0.483 to N0.486 for the second scheme. This implies the system is insecure if the private exponent d