Small primitive roots and malleability of RSA
Document typeConference report
Rights accessOpen Access
In their paper , P. Paillier and J. Villar make a conjectur e about the malleability of an RSA modulus. In this paper we present an ex plicit algo- rithm refuting the conjecture. Concretely we can factorize an RSA modulus n using very little information on the factorization of a conc rete n ′ coprime to n . However, we believe the conjecture might be true, when impo sing some extra conditions on the auxiliary n ′ allowed to be used. In particular, the paper shows how subtle the notion of malleability is
CitationJimenez, J.; Dieulefait, L.V. Small primitive roots and malleability of RSA. A: International Conference on Symbolic Computation and Cryptography. "Extended abstracts of the third Workshop on Mathematical Cryptology (WMC 2012) and the third international conference on Symbolic Computation and Cryptography (SCC 2012), Castro Urdiales, Spain, 9-13 July 2012". Castro Urdiales: 2012, p. 13-18.