摘要
通过取模的几个性质对RSA,加密体系不动点进行了试解。对解的分析可知,如果d=eλ(λ为正整数),则RSA(n,e,d)存在无穷多个与明文无关的α阶不动点,且λ<loge n,使得d很容易在λ步内被猜测出,因此建议RSA(n,e,d)要对e和d的关系进行进一步的约束,只需要检验d%e>0。而讨论不动点解的个数或者出现的概率,也要从n、e、d出发,才能找到利用不动点从n、e推导出d的重大安全漏洞。
This article tries to solve the fixed points of RSA-ciphering system by several properties of modulo.Based on the analy.sis against this solution,it shows that there are infinitely many α-order fixed points which are message-free of RSA(n,e,d) as long as d = eλ(λ is a positive integer),and it means that d can be guessed out in λ times(λ〈loge n).So it is recommended tha RSA(n,e,d) should impose further constraint on the relation between e and d by simply testing d%e〉0 or not.The discussior about the amount of the solutions and the probability for them to appear should also start from n,e and d,to find the importan security vulnerability which searched d from n and e by the fixed-point.
出处
《信息通信》
2016年第3期31-33,共3页
Information & Communications
基金
科技支撑计划(2015BAK20B03)
