{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,25]],"date-time":"2026-01-25T04:13:12Z","timestamp":1769314392025,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":31,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642291005","type":"print"},{"value":"9783642291012","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-29101-2_25","type":"book-chapter","created":{"date-parts":[[2012,4,2]],"date-time":"2012-04-02T04:10:23Z","timestamp":1333339823000},"page":"369-380","source":"Crossref","is-referenced-by-count":15,"title":["Partial Key Exposure on RSA with Private Exponents Larger Than N"],"prefix":"10.1007","author":[{"given":"Marc","family":"Joye","sequence":"first","affiliation":[]},{"given":"Tancr\u00e8de","family":"Lepoint","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"25_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11745853_1","volume-title":"Public Key Cryptography - PKC 2006","author":"D. Bleichenbacher","year":"2006","unstructured":"Bleichenbacher, D., May, A.: New Attacks on RSA with Small Secret CRT-Exponents. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol.\u00a03958, pp. 1\u201313. Springer, Heidelberg (2006)"},{"key":"25_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/978-3-540-45146-4_2","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"J. Bl\u00f6mer","year":"2003","unstructured":"Bl\u00f6mer, J., May, A.: New Partial Key Exposure Attacks on RSA. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 27\u201343. Springer, Heidelberg (2003)"},{"issue":"4","key":"25_CR3","doi-asserted-by":"crossref","first-page":"1339","DOI":"10.1109\/18.850673","volume":"46","author":"D. Boneh","year":"2000","unstructured":"Boneh, D., Durfee, G.: Cryptanalysis of RSA with private key d less than N\n                  0.292. IEEE Transactions on Information Theory 46(4), 1339\u20131349 (2000), extended abstract in Proc. of EUROCRYPT 1998","journal-title":"IEEE Transactions on Information Theory"},{"key":"25_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1007\/3-540-49649-1_3","volume-title":"Advances in Cryptology - ASIACRYPT\u201998","author":"D. Boneh","year":"1998","unstructured":"Boneh, D., Durfee, G., Frankel, Y.: An Attack on RSA Given a Small Fraction of the Private Key Bits. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol.\u00a01514, pp. 25\u201334. Springer, Heidelberg (1998)"},{"key":"25_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/BFb0054128","volume-title":"Advances in Cryptology - EUROCRYPT \u201998","author":"G.D. Cohen","year":"1998","unstructured":"Cohen, G.D., Lobstein, A., Naccache, D., Z\u00e9mor, G.: How to Improve an Exponentiation Black-Box. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol.\u00a01403, pp. 211\u2013220. Springer, Heidelberg (1998)"},{"key":"25_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"178","DOI":"10.1007\/3-540-68339-9_16","volume-title":"Advances in Cryptology - EUROCRYPT \u201996","author":"D. Coppersmith","year":"1996","unstructured":"Coppersmith, D.: Finding a Small Root of a Bivariate Integer Equation; Factoring with High Bits Known. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol.\u00a01070, pp. 178\u2013189. Springer, Heidelberg (1996)"},{"key":"25_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"155","DOI":"10.1007\/3-540-68339-9_14","volume-title":"Advances in Cryptology - EUROCRYPT \u201996","author":"D. Coppersmith","year":"1996","unstructured":"Coppersmith, D.: Finding a Small Root of a Univariate Modular Equation. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol.\u00a01070, pp. 155\u2013165. Springer, Heidelberg (1996)"},{"issue":"4","key":"25_CR8","doi-asserted-by":"publisher","first-page":"233","DOI":"10.1007\/s001459900030","volume":"10","author":"D. Coppersmith","year":"1997","unstructured":"Coppersmith, D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. Journal of Cryptology\u00a010(4), 233\u2013260 (1997)","journal-title":"Journal of Cryptology"},{"key":"25_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"292","DOI":"10.1007\/3-540-48059-5_25","volume-title":"Cryptographic Hardware and Embedded Systems","author":"J.S. Coron","year":"1999","unstructured":"Coron, J.S.: Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems. In: Ko\u00e7, \u00c7.K., Paar, C. (eds.) CHES 1999. LNCS, vol.\u00a01717, pp. 292\u2013302. Springer, Heidelberg (1999)"},{"key":"25_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"492","DOI":"10.1007\/978-3-540-24676-3_29","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"J.S. Coron","year":"2004","unstructured":"Coron, J.S.: Finding Small Roots of Bivariate Integer Polynomial Equations Revisited. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol.\u00a03027, pp. 492\u2013505. Springer, Heidelberg (2004)"},{"key":"25_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1007\/978-3-540-74143-5_21","volume-title":"Advances in Cryptology - CRYPTO 2007","author":"J.S. Coron","year":"2007","unstructured":"Coron, J.S.: Finding Small Roots of Bivariate Integer Polynomial Equations: A Direct Approach. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol.\u00a04622, pp. 379\u2013394. Springer, Heidelberg (2007)"},{"key":"25_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1007\/11426639_22","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"M. Ernst","year":"2005","unstructured":"Ernst, M., Jochemsz, E., May, A., de Weger, B.: Partial Key Exposure Attacks on RSA up to Full Size Exponents. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol.\u00a03494, pp. 371\u2013386. Springer, Heidelberg (2005)"},{"key":"25_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-03356-8_1","volume-title":"Advances in Cryptology - CRYPTO 2009","author":"N. Heninger","year":"2009","unstructured":"Heninger, N., Shacham, H.: Reconstructing RSA Private Keys from Random Key Bits. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol.\u00a05677, pp. 1\u201317. Springer, Heidelberg (2009)"},{"key":"25_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1007\/978-3-642-13013-7_4","volume-title":"Public Key Cryptography \u2013 PKC 2010","author":"M. Herrmann","year":"2010","unstructured":"Herrmann, M., May, A.: Maximizing Small Root Bounds by Linearization and Applications to Small Secret Exponent RSA. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol.\u00a06056, pp. 53\u201369. Springer, Heidelberg (2010)"},{"key":"25_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"131","DOI":"10.1007\/BFb0024458","volume-title":"Cryptography and Coding","author":"N. Howgrave-Graham","year":"1997","unstructured":"Howgrave-Graham, N.: Finding Small Roots of Univariate Modular Equations Revisited. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol.\u00a01355, pp. 131\u2013142. Springer, Heidelberg (1997)"},{"key":"25_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/11935230_18","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2006","author":"E. Jochemsz","year":"2006","unstructured":"Jochemsz, E., May, A.: A Strategy for Finding Roots of Multivariate Polynomials with New Applications in Attacking RSA Variants. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol.\u00a04284, pp. 267\u2013282. Springer, Heidelberg (2006)"},{"key":"25_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"395","DOI":"10.1007\/978-3-540-74143-5_22","volume-title":"Advances in Cryptology - CRYPTO 2007","author":"E. Jochemsz","year":"2007","unstructured":"Jochemsz, E., May, A.: A polynomial time attack on RSA with private CRT-exponents smaller than N\n                  0.073. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol.\u00a04622, pp. 395\u2013411. Springer, Heidelberg (2007)"},{"key":"25_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"388","DOI":"10.1007\/3-540-48405-1_25","volume-title":"Advances in Cryptology - CRYPTO \u201999","author":"P. Kocher","year":"1999","unstructured":"Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol.\u00a01666, pp. 388\u2013397. Springer, Heidelberg (1999)"},{"issue":"1","key":"25_CR19","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1007\/s13389-011-0006-y","volume":"1","author":"P. Kocher","year":"2011","unstructured":"Kocher, P., Jaffe, J., Jun, B., Rohatgi, P.: Introduction to differential power analysis. Journal of Cryptographic Engineeering\u00a01(1), 5\u201327 (2011)","journal-title":"Journal of Cryptographic Engineeering"},{"key":"25_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"104","DOI":"10.1007\/3-540-68697-5_9","volume-title":"Advances in Cryptology - CRYPTO \u201996","author":"P.C. Kocher","year":"1996","unstructured":"Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol.\u00a01109, pp. 104\u2013113. Springer, Heidelberg (1996)"},{"issue":"4","key":"25_CR21","doi-asserted-by":"publisher","first-page":"515","DOI":"10.1007\/BF01457454","volume":"261","author":"A.K. Lenstra","year":"1982","unstructured":"Lenstra, A.K., Lenstra Jr., H.W., Lov\u00e1sz, L.: Factoring polynomials with rational coefficients. Mathematische Annalen\u00a0261(4), 515\u2013534 (1982)","journal-title":"Mathematische Annalen"},{"key":"25_CR22","unstructured":"May, A.: New RSA Vulnerabilities Using Lattice Reduction Methods. Ph.D. thesis, University of Paderborn (2003)"},{"issue":"3","key":"25_CR23","doi-asserted-by":"publisher","first-page":"300","DOI":"10.1016\/S0022-0000(76)80043-8","volume":"13","author":"G.L. Miller","year":"1976","unstructured":"Miller, G.L.: Riemann\u2019s hypothesis and tests for primality. Journal of Computer and System Sciences\u00a013(3), 300\u2013317 (1976)","journal-title":"Journal of Computer and System Sciences"},{"key":"25_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1007\/978-3-642-25578-6_7","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2011","author":"S. Sarkar","year":"2011","unstructured":"Sarkar, S.: Partial Key Exposure: Generalized Framework to Attack RSA. In: Bernstein, D.J., Chatterjee, S. (eds.) INDOCRYPT 2011. LNCS, vol.\u00a07107, pp. 76\u201392. Springer, Heidelberg (2011)"},{"key":"25_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1007\/978-3-642-17401-8_2","volume-title":"Progress in Cryptology - INDOCRYPT 2010","author":"S. Sarkar","year":"2010","unstructured":"Sarkar, S., Sen Gupta, S., Maitra, S.: Partial Key Exposure Attack on RSA \u2013 Improvements for Limited Lattice Dimensions. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol.\u00a06498, pp. 2\u201316. Springer, Heidelberg (2010)"},{"key":"25_CR26","unstructured":"Shoup, V.: Number Theory Library (Version 5.5.2). A library for doing Number Theory (2011), \n                    \n                      http:\/\/www.shoup.net\/ntl"},{"key":"25_CR27","doi-asserted-by":"crossref","unstructured":"Simmons, G.J.: The prisoners\u2019 problem and the subliminal channel. In: Chaum, D. (ed.) Advances in Cryptology, Proceedings of CRYPTO 1983, pp. 51\u201367. Plenum Press (1984)","DOI":"10.1007\/978-1-4684-4730-9_5"},{"key":"25_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"364","DOI":"10.1007\/3-540-39757-4_25","volume-title":"Advances in Cryptology","author":"G.J. Simmons","year":"1985","unstructured":"Simmons, G.J.: The Subliminal Channel and Digital Signatures. In: Beth, T., Cot, N., Ingemarsson, I. (eds.) EUROCRYPT 1984. LNCS, vol.\u00a0209, pp. 364\u2013378. Springer, Heidelberg (1985)"},{"key":"25_CR29","unstructured":"Stein, W.A., et al.: Sage Mathematics Software (Version 4.7). The Sage Development Team (2011), \n                    \n                      http:\/\/www.sagemath.org"},{"issue":"3","key":"25_CR30","doi-asserted-by":"publisher","first-page":"553","DOI":"10.1109\/18.54902","volume":"36","author":"M.J. Wiener","year":"1990","unstructured":"Wiener, M.J.: Cryptanalysis of short RSA secret exponents. IEEE Transactions on Information Theory\u00a036(3), 553\u2013558 (1990)","journal-title":"IEEE Transactions on Information Theory"},{"key":"25_CR31","doi-asserted-by":"crossref","unstructured":"Young, A., Yung, M.: Malicious Cryptography: Exposing Cryptovirology. John Wiley & Sons (2004)","DOI":"10.1016\/S0267-3649(04)00079-2"}],"container-title":["Lecture Notes in Computer Science","Information Security Practice and Experience"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-29101-2_25.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,4]],"date-time":"2021-05-04T11:23:39Z","timestamp":1620127419000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-29101-2_25"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642291005","9783642291012"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-29101-2_25","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012]]}}}