{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T23:42:24Z","timestamp":1769298144865,"version":"3.49.0"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319281650","type":"print"},{"value":"9783319281667","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-28166-7_25","type":"book-chapter","created":{"date-parts":[[2016,1,8]],"date-time":"2016-01-08T15:29:04Z","timestamp":1452266944000},"page":"518-537","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["Partial Key Exposure Attacks on CRT-RSA: Better Cryptanalysis to Full Size Encryption Exponents"],"prefix":"10.1007","author":[{"given":"Atsushi","family":"Takayasu","sequence":"first","affiliation":[]},{"given":"Noboru","family":"Kunihiro","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,1,9]]},"reference":[{"key":"25_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/978-3-642-00468-1_3","volume-title":"Public Key Cryptography \u2013 PKC 2009","author":"Y Aono","year":"2009","unstructured":"Aono, Y.: A new lattice construction for partial key exposure attack for RSA. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 34\u201353. Springer, Heidelberg (2009)"},{"key":"25_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11745853_1","volume-title":"Public Key Cryptography - PKC 2006","author":"D Bleichenbacher","year":"2006","unstructured":"Bleichenbacher, D., May, A.: New attacks on RSA with small secret CRT-exponents. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 1\u201313. Springer, Heidelberg (2006)"},{"key":"25_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/978-3-540-45146-4_2","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"J Bl\u00f6mer","year":"2003","unstructured":"Bl\u00f6mer, J., May, A.: New partial key exposure attacks on RSA. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 27\u201343. Springer, Heidelberg (2003)"},{"issue":"4","key":"25_CR4","doi-asserted-by":"publisher","first-page":"233","DOI":"10.1007\/s001459900030","volume":"10","author":"D Boneh","year":"1997","unstructured":"Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. J. Cryptol. 10(4), 233\u2013260 (1997)","journal-title":"J. Cryptol."},{"issue":"4","key":"25_CR5","doi-asserted-by":"publisher","first-page":"1339","DOI":"10.1109\/18.850673","volume":"46","author":"D Boneh","year":"2000","unstructured":"Boneh, D., Durfee, G.: Cryptanalysis of RSA with private key \n$$d$$\n less than \n$$N^{0.292}$$\n. IEEE Trans. Inf. Theory 46(4), 1339\u20131349 (2000)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"25_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"25","DOI":"10.1007\/3-540-49649-1_3","volume-title":"Advances in Cryptology - ASIACRYPT 1998","author":"D Boneh","year":"1998","unstructured":"Boneh, D., Durfee, G., Frankel, Y.: An attack on RSA given a small fraction of the private key bits. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 25\u201334. Springer, Heidelberg (1998)"},{"key":"25_CR7","unstructured":"Coppersmith, D.: Factoring with a hint. IBM Research Report RC 19905 (1995)"},{"key":"25_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"155","DOI":"10.1007\/3-540-68339-9_14","volume-title":"Advances in Cryptology - EUROCRYPT 1996","author":"D Coppersmith","year":"1996","unstructured":"Coppersmith, D.: Finding a small root of a univariate modular equation. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 155\u2013165. Springer, Heidelberg (1996)"},{"key":"25_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"178","DOI":"10.1007\/3-540-68339-9_16","volume-title":"Advances in Cryptology - EUROCRYPT 1996","author":"D Coppersmith","year":"1996","unstructured":"Coppersmith, D.: Finding a small root of a bivariate integer equation; factoring with high bits known. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 178\u2013189. Springer, Heidelberg (1996)"},{"issue":"4","key":"25_CR10","doi-asserted-by":"publisher","first-page":"233","DOI":"10.1007\/s001459900030","volume":"10","author":"D Coppersmith","year":"1997","unstructured":"Coppersmith, D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. Cryptol. 10(4), 233\u2013260 (1997)","journal-title":"J. Cryptol."},{"key":"25_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1007\/3-540-44670-2_3","volume-title":"Cryptography and Lattices","author":"D Coppersmith","year":"2001","unstructured":"Coppersmith, D.: Finding small solutions to small degree polynomials. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol. 2146, pp. 20\u201331. Springer, Heidelberg (2001)"},{"key":"25_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"492","DOI":"10.1007\/978-3-540-24676-3_29","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"J-S Coron","year":"2004","unstructured":"Coron, J.-S.: Finding small roots of bivariate integer polynomial equations revisited. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 492\u2013505. Springer, Heidelberg (2004)"},{"key":"25_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1007\/978-3-540-74143-5_21","volume-title":"Advances in Cryptology - CRYPTO 2007","author":"J-S Coron","year":"2007","unstructured":"Coron, J.-S.: Finding small roots of bivariate integer polynomial equations: a direct approach. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 379\u2013394. Springer, Heidelberg (2007)"},{"key":"25_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1007\/3-540-44448-3_2","volume-title":"Advances in Cryptology - ASIACRYPT 2000","author":"G Durfee","year":"2000","unstructured":"Durfee, G., Nguy\u00ean, P.Q.: Cryptanalysis of the RSA schemes with short secret exponent from Asiacrypt 1999. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 14\u201329. Springer, Heidelberg (2000)"},{"key":"25_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1007\/11426639_22","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"M Ernst","year":"2005","unstructured":"Ernst, M., Jochemsz, E., May, A., de Weger, B.: Partial key exposure attacks on RSA up to full size exponents. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 371\u2013386. Springer, Heidelberg (2005)"},{"key":"25_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"280","DOI":"10.1007\/11506157_24","volume-title":"Information Security and Privacy","author":"SD Galbraith","year":"2005","unstructured":"Galbraith, S.D., Heneghan, C., McKee, J.F.: Tunable balancing of RSA. In: Boyd, C., Gonz\u00e1lez Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 280\u2013292. Springer, Heidelberg (2005)"},{"key":"25_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1007\/978-3-642-13013-7_4","volume-title":"Public Key Cryptography \u2013 PKC 2010","author":"M Herrmann","year":"2010","unstructured":"Herrmann, M., May, A.: Maximizing small root bounds by linearization and applications to small secret exponent RSA. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 53\u201369. Springer, Heidelberg (2010)"},{"key":"25_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"131","DOI":"10.1007\/BFb0024458","volume-title":"Cryptography and Coding","author":"N Howgrave-Graham","year":"1997","unstructured":"Howgrave-Graham, N.: Finding small roots of univariate modular equations revisited. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 131\u2013142. Springer, Heidelberg (1997)"},{"key":"25_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/11935230_18","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2006","author":"E Jochemsz","year":"2006","unstructured":"Jochemsz, E., May, A.: A strategy for finding roots of multivariate polynomials with new applications in attacking RSA variants. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 267\u2013282. Springer, Heidelberg (2006)"},{"key":"25_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"395","DOI":"10.1007\/978-3-540-74143-5_22","volume-title":"Advances in Cryptology - CRYPTO 2007","author":"E Jochemsz","year":"2007","unstructured":"Jochemsz, E., May, A.: A polynomial time attack on RSA with private CRT-exponents smaller than \n$${N}^{0.073}$$\n. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 395\u2013411. Springer, Heidelberg (2007)"},{"key":"25_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"369","DOI":"10.1007\/978-3-642-29101-2_25","volume-title":"Information Security Practice and Experience","author":"M Joye","year":"2012","unstructured":"Joye, M., Lepoint, T.: Partial key exposure on RSA with private exponents larger than N. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 369\u2013380. Springer, Heidelberg (2012)"},{"key":"25_CR22","unstructured":"Lenstra, A.K. Lenstra Jr., H.W., Lov\u00e1sz, L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 515\u2013534 (1982)"},{"key":"25_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"151","DOI":"10.1007\/978-3-319-07536-5_10","volume-title":"Applied Cryptography and Network Security","author":"Y Lu","year":"2014","unstructured":"Lu, Y., Zhang, R., Lin, D.: New partial key exposure attacks on CRT-RSA with large public exponents. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 151\u2013162. Springer, Heidelberg (2014)"},{"key":"25_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"242","DOI":"10.1007\/3-540-45708-9_16","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"A May","year":"2002","unstructured":"May, A.: Cryptanalysis of unbalanced RSA with small CRT-exponent. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 242\u2013256. Springer, Heidelberg (2002)"},{"key":"25_CR25","unstructured":"May, A.: New RSA vulnerabilities using lattice reduction methods. Ph.D. thesis, University of Paderborn (2003)"},{"key":"25_CR26","doi-asserted-by":"crossref","unstructured":"May, A.: Using LLL-reduction for solving RSA and factorization problems: a survey. http:\/\/www.cits.rub.de\/permonen\/may.html (2010)","DOI":"10.1007\/978-3-642-02295-1_10"},{"key":"25_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1007\/3-540-44670-2_12","volume-title":"Cryptography and Lattices","author":"PQ Nguy\u00ean","year":"2001","unstructured":"Nguy\u00ean, P.Q., Stern, J.: The two faces of lattices in cryptology. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol. 2146, pp. 146\u2013180. Springer, Heidelberg (2001)"},{"key":"25_CR28","doi-asserted-by":"publisher","first-page":"905","DOI":"10.1049\/el:19820617","volume":"18","author":"JJ Quisquater","year":"1982","unstructured":"Quisquater, J.J., Couvreur, C.: Fast decipherment algorithm for RSA public-key cryptosystems. Electron. Lett. 18, 905\u2013907 (1982)","journal-title":"Electron. Lett."},{"key":"25_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"31","DOI":"10.1007\/3-540-39805-8_3","volume-title":"Advances in Cryptology - EUROCRYPT 1985","author":"RL Rivest","year":"1986","unstructured":"Rivest, R.L., Shamir, A.: Efficient factoring based on partial information. In: Pichler, F. (ed.) EUROCRYPT 1985. LNCS, vol. 219, pp. 31\u201334. Springer, Heidelberg (1986)"},{"issue":"2","key":"25_CR30","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1145\/359340.359342","volume":"21","author":"RL Rivest","year":"1978","unstructured":"Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120\u2013126 (1978)","journal-title":"Commun. ACM"},{"key":"25_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1007\/978-3-642-17401-8_2","volume-title":"Progress in Cryptology - INDOCRYPT 2010","author":"S Sarkar","year":"2010","unstructured":"Sarkar, S., Sen Gupta, S., Maitra, S.: Partial key exposure attack on RSA \u2013 improvements for limited lattice dimensions. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 2\u201316. Springer, Heidelberg (2010)"},{"key":"25_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"473","DOI":"10.1007\/978-3-642-01957-9_29","volume-title":"Applied Cryptography and Network Security","author":"S Sarkar","year":"2009","unstructured":"Sarkar, S., Maitra, S.: Partial key exposure attack on CRT-RSA. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 473\u2013484. Springer, Heidelberg (2009)"},{"key":"25_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"345","DOI":"10.1007\/978-3-319-13051-4_21","volume-title":"Selected Areas in Cryptography \u2013 SAC 2014","author":"A Takayasu","year":"2014","unstructured":"Takayasu, A., Kunihiro, N.: Partial key exposure attacks on RSA: achieving the Boneh-Durfee bound. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 345\u2013362. Springer, Heidelberg (2014)"},{"issue":"3","key":"25_CR34","doi-asserted-by":"publisher","first-page":"553","DOI":"10.1109\/18.54902","volume":"36","author":"MJ Wiener","year":"1990","unstructured":"Wiener, M.J.: Cryptanalysis of short RSA secret exponents. IEEE Trans. Inf. Theory 36(3), 553\u2013558 (1990)","journal-title":"IEEE Trans. Inf. Theory"}],"container-title":["Lecture Notes in Computer Science","Applied Cryptography and Network Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-28166-7_25","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,2,3]],"date-time":"2021-02-03T01:11:40Z","timestamp":1612314700000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-28166-7_25"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319281650","9783319281667"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-28166-7_25","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"9 January 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}