Abstract

In 2018, N. Murru and F. M. Saettone proposed a novel RSA-like cryptosystem with modulus $N=pq$ and $ed\equiv 1 (\bmod~(p^2+p+1)(q^2+q+1))$ based on a generalization of the {R}é{dei} Rational functions. In this paper, we give some bounds on the deciphering exponent $d=N^\delta$, in which this RSA-like cryptosystem {is insecure}. For the enciphering exponent $e=N^\alpha$ and $p+q+1=N^\beta$, the attack bound on $d$ is $\delta<\frac{2-(\alpha+\beta)}{3}$ in the case of $\alpha<1$ and $\delta<\frac{\alpha-2\beta}{2}$ when $\alpha>1$. Furthermore, we describe the magnitude of the bounds in all cases of $\alpha$ and $\beta$.

Keywords and Phrases

RSA-like cryptosystem, Cryptanalysis, LLL algorithm, Coppersmith's method.

A.M.S. subject classification

11T71.

.....