[Resource Topic] 2021/077: Magnetic RSA

Welcome to the resource topic for 2021/077

Title:
Magnetic RSA

Authors: Rémi Géraud-Stewart, David Naccache

Abstract:

In a recent paper Géraud-Stewart and Naccache \cite{gsn2021} (GSN) described an non-interactive process allowing a prover \mathcal P to convince a verifier \mathcal V that a modulus n is the product of two randomly generated primes (p,q) of about the same size. A heuristic argument conjectures that \mathcal P cannot control p,q to make n easy to factor. GSN’s protocol relies upon elementary number-theoretic properties and can be implemented efficiently using very few operations. This contrasts with state-of-the-art zero-knowledge protocols for RSA modulus proper generation assessment. This paper proposes an alternative process applicable in settings where \mathcal P co-generates a modulus n=p_1q_1p_2q_2 with a certification authority \mathcal V. If \mathcal P honestly cooperates with \mathcal V, then \mathcal V will only learn the sub-products n_1=p_1q_1 and n_2=p_2q_2. A heuristic argument conjectures that at least two of the factors of n are beyond \mathcal P's control. This makes n appropriate for cryptographic use provided that \emph{at least one party} (of \mathcal P and \mathcal V) is honest. This heuristic argument calls for further cryptanalysis.

ePrint: https://eprint.iacr.org/2021/077

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .