{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,8]],"date-time":"2026-02-08T08:13:35Z","timestamp":1770538415152,"version":"3.49.0"},"reference-count":33,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2024,12,28]],"date-time":"2024-12-28T00:00:00Z","timestamp":1735344000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>An RSA generalization using complex integers was introduced by Elkamchouchi, Elshenawy and Shaban in 2002. This scheme was further extended by Cotan and Te\u0219eleanu to Galois fields of order n\u22651. In this generalized framework, the key equation is ed\u2212k(pn\u22121)(qn\u22121)=1, where p and q are prime numbers. Note that the classical RSA and Elkamchouchi et al.\u2019s key equations are special cases, namely, when n=1 and n=2. In addition to introducing this generic family, Cotan and Te\u0219eleanu described a continued fractions attack capable of recovering the secret key d if d&lt;N0.25n. This bound was later improved by Te\u0219eleanu using a lattice-based method. In this paper, we explore other lattice attacks that could lead to factoring the modulus N=pq, namely, we propose a series of partial exposure attacks that can aid an adversary in breaking this family of cryptosystems if certain conditions hold.<\/jats:p>","DOI":"10.3390\/cryptography9010002","type":"journal-article","created":{"date-parts":[[2024,12,31]],"date-time":"2024-12-31T07:34:19Z","timestamp":1735630459000},"page":"2","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Partial Exposure Attacks Against a Family of RSA-like Cryptosystems"],"prefix":"10.3390","volume":"9","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3953-2744","authenticated-orcid":false,"given":"George","family":"Te\u015feleanu","sequence":"first","affiliation":[{"name":"Advanced Technologies Institute, 10 Dinu Vintil\u0103, 021101 Bucharest, Romania"},{"name":"Simion Stoilow Institute of Mathematics of the Romanian Academy, 21 Calea Grivitei, 010702 Bucharest, Romania"}]}],"member":"1968","published-online":{"date-parts":[[2024,12,28]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"120","DOI":"10.1145\/359340.359342","article-title":"A Method for Obtaining Digital Signatures and Public-Key Cryptosystems","volume":"21","author":"Rivest","year":"1978","journal-title":"Commun. ACM"},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"553","DOI":"10.1109\/18.54902","article-title":"Cryptanalysis of Short RSA Secret Exponents","volume":"36","author":"Wiener","year":"1990","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_3","first-page":"1","article-title":"Cryptanalysis of RSA with Private Key d Less than N0.292","volume":"Volume 1592","author":"Boneh","year":"1999","journal-title":"Proceedings of the EUROCRYPT 1999"},{"key":"ref_4","first-page":"155","article-title":"Finding a Small Root of a Univariate Modular Equation","volume":"Volume 1070","author":"Coppersmith","year":"1996","journal-title":"Proceedings of the EUROCRYPT 1996"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"515","DOI":"10.1007\/BF01457454","article-title":"Factoring Polynomials with Rational Coefficients","volume":"261","author":"Lenstra","year":"1982","journal-title":"Math. Ann."},{"key":"ref_6","first-page":"53","article-title":"Maximizing Small Root Bounds by Linearization and Applications to Small Secret Exponent RSA","volume":"Volume 6056","author":"Herrmann","year":"2010","journal-title":"Proceedings of the PKC 2010"},{"key":"ref_7","first-page":"203","article-title":"Twenty Years of Attacks on the RSA Cryptosystem","volume":"46","author":"Boneh","year":"1999","journal-title":"Not. AMS"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"May, A. (2010). Using LLL-Reduction for Solving RSA and Factorization Problems. The LLL Algorithm: Survey and Applications, Springer. Information Security and Cryptography.","DOI":"10.1007\/978-3-642-02295-1_10"},{"key":"ref_9","first-page":"133","article-title":"Further Cryptanalysis of a Type of RSA Variants","volume":"Volume 13640","author":"Shi","year":"2022","journal-title":"Proceedings of the ISC 2022"},{"key":"ref_10","first-page":"91","article-title":"Extended RSA Cryptosystem and Digital Signature Schemes in the Domain of Gaussian Integers","volume":"Volume 1","author":"Elkamchouchi","year":"2002","journal-title":"Proceedings of the ICCS 2002"},{"key":"ref_11","first-page":"258","article-title":"A New Attack on Three Variants of the RSA Cryptosystem","volume":"Volume 9723","author":"Bunder","year":"2016","journal-title":"Proceedings of the ACISP 2016"},{"key":"ref_12","first-page":"140","article-title":"An Improved Analysis on Three Variants of the RSA Cryptosystem","volume":"Volume 10143","author":"Peng","year":"2016","journal-title":"Proceedings of the Inscrypt 2016"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"266","DOI":"10.1007\/978-3-319-89339-6_15","article-title":"Cryptanalysis of RSA Variants with Modified Euler Quotient","volume":"Volume 10831","author":"Zheng","year":"2018","journal-title":"Proceedings of the AFRICACRYPT 2018"},{"key":"ref_14","first-page":"57","article-title":"Small Private Key Attack Against a Family of RSA-Like Cryptosystems","volume":"Volume 14324","author":"Cotan","year":"2023","journal-title":"Proceedings of the NordSEC 2023"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"20240013","DOI":"10.1515\/jmc-2024-0013","article-title":"A Security Analysis of Two Classes of RSA-Like Cryptosystems","volume":"18","author":"Cotan","year":"2024","journal-title":"J. Math. Cryptol."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Te\u015feleanu, G. (2024, January 19\u201320). A Lattice Attack Against a Family of RSA-like Cryptosystems. Proceedings of the CSCML 2024, Be\u2019er Sheva, Israel. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-031-76934-4_25"},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Rahmani, M., Nitaj, A., and Ziane, M. (2024). Partial Exposure Attacks on a New RSA Variant. Cryptography, 8.","DOI":"10.3390\/cryptography8040044"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Cotan, P., and Te\u015feleanu, G. (2022, January 23\u201325). Continued Fractions Applied to a Family of RSA-like Cryptosystems. Proceedings of the ISPEC 2022, Taipei, Taiwan.","DOI":"10.1007\/978-3-031-21280-2_33"},{"key":"ref_19","first-page":"55","article-title":"On Optimal Bounds of Small Inverse Problems and Approximate GCD Problems with Higher Degree","volume":"Volume 7483","author":"Kunihiro","year":"2012","journal-title":"Proceedings of the ISC 2012"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"174","DOI":"10.1007\/978-3-540-68164-9_12","article-title":"Another Generalization of Wiener\u2019s Attack on RSA","volume":"Volume 5023","author":"Nitaj","year":"2008","journal-title":"Proceedings of the AFRICACRYPT 2008"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"114549","DOI":"10.1016\/j.tcs.2024.114549","article-title":"Partial Prime Factor Exposure Attacks on Some RSA Variants","volume":"999","author":"Feng","year":"2024","journal-title":"Theor. Comput. Sci."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"179","DOI":"10.1007\/s00200-004-0164-6","article-title":"On the Security of RSA with Primes Sharing Least-Significant Bits","volume":"15","author":"Steinfeld","year":"2004","journal-title":"Appl. Algebra Eng. Commun. Comput."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"178","DOI":"10.1007\/978-3-319-06734-6_12","article-title":"New Attacks on the RSA Cryptosystem","volume":"Volume 8469","author":"Nitaj","year":"2014","journal-title":"Proceedings of the AFRICACRYPT 2014"},{"key":"ref_24","first-page":"178","article-title":"Finding a Small Root of a Bivariate Integer Equation; Factoring with High Bits Known","volume":"Volume 1070","author":"Coppersmith","year":"1996","journal-title":"Proceedings of the EUROCRYPT 1996"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"233","DOI":"10.1007\/s001459900030","article-title":"Small Solutions to Polynomial Equations, and Low Exponent RSA Vulnerabilities","volume":"10","author":"Coppersmith","year":"1997","journal-title":"J. Cryptol."},{"key":"ref_26","first-page":"131","article-title":"Finding Small Roots of Univariate Modular Equations Revisited","volume":"Volume 1355","year":"1997","journal-title":"Proceedings of the IMA 1997"},{"key":"ref_27","unstructured":"May, A. (2003). New RSA Vulnerabilities Using Lattice Reduction Methods. [Ph.D. Thesis, University of Paderborn]."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"267","DOI":"10.1007\/11935230_18","article-title":"A Strategy for Finding Roots of Multivariate Polynomials with New Applications in Attacking RSA Variants","volume":"Volume 4284","author":"Jochemsz","year":"2006","journal-title":"Proceedings of the ASIACRYPT 2006"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Nassr, D.I., Bahig, H.M., Bhery, A., and Daoud, S.S. (2008, January 1\u20134). A New RSA Vulnerability Using Continued Fractions. Proceedings of the AICCSA 2008, Doha, Qatar.","DOI":"10.1109\/AICCSA.2008.4493604"},{"key":"ref_30","unstructured":"Feng, Y., Liu, Z., Nitaj, A., and Pan, Y. (2024). Practical Small Private Exponent Attacks against RSA. IACR Cryptol. ePrint Arch., Available online: https:\/\/eprint.iacr.org\/2024\/1331."},{"key":"ref_31","unstructured":"Abderrahmane Nitaj, N.N.H.A., and Ariffin, M.R.B.K. (2024, January 10\u201312). Cryptanalysis of a New Variant of the RSA Cryptosystem. Proceedings of the AFRICACRYPT 2024, Douala, Cameroon."},{"key":"ref_32","first-page":"42","article-title":"Cryptanalysis of RSA Variants with Primes Sharing Most Significant Bits","volume":"Volume 13118","author":"Nitaj","year":"2021","journal-title":"Proceedings of the ISC 2021"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1007\/s002000100088","article-title":"Cryptanalysis of RSA with Small Prime Difference","volume":"13","year":"2002","journal-title":"Appl. Algebra Eng. Commun. Comput."}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/9\/1\/2\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T16:55:21Z","timestamp":1760115321000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/9\/1\/2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,28]]},"references-count":33,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025,3]]}},"alternative-id":["cryptography9010002"],"URL":"https:\/\/doi.org\/10.3390\/cryptography9010002","relation":{},"ISSN":["2410-387X"],"issn-type":[{"value":"2410-387X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,12,28]]}}}