{"id":17147768,"url":"https://github.com/x3nny/rsa-extending-wiener-attack","last_synced_at":"2026-01-06T04:07:06.259Z","repository":{"id":45240359,"uuid":"440074832","full_name":"X3NNY/RSA-extending-wiener-attack","owner":"X3NNY","description":"An implementation of RSA extending Wiener attack","archived":false,"fork":false,"pushed_at":"2021-12-28T10:20:37.000Z","size":594,"stargazers_count":15,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-24T11:17:35.234Z","etag":null,"topics":["cryptoanalysis","cryptography","rsa","wiener-attack"],"latest_commit_sha":null,"homepage":"","language":"Sage","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/X3NNY.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-12-20T07:08:24.000Z","updated_at":"2023-12-28T04:50:06.000Z","dependencies_parsed_at":"2022-09-10T17:41:38.664Z","dependency_job_id":null,"html_url":"https://github.com/X3NNY/RSA-extending-wiener-attack","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/X3NNY/RSA-extending-wiener-attack","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/X3NNY%2FRSA-extending-wiener-attack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/X3NNY%2FRSA-extending-wiener-attack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/X3NNY%2FRSA-extending-wiener-attack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/X3NNY%2FRSA-extending-wiener-attack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/X3NNY","download_url":"https://codeload.github.com/X3NNY/RSA-extending-wiener-attack/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/X3NNY%2FRSA-extending-wiener-attack/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28221555,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2026-01-06T02:00:07.049Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptoanalysis","cryptography","rsa","wiener-attack"],"created_at":"2024-10-14T21:25:58.254Z","updated_at":"2026-01-06T04:07:06.245Z","avatar_url":"https://github.com/X3NNY.png","language":"Sage","funding_links":[],"categories":[],"sub_categories":[],"readme":"# RSA-extending-wiener-attack\n\nAn implementation of RSA extending Wiener attack, which implements the general attack method of the following paper:\n\nNick Howgrave-Graham, Jean-Pierre Seifert:\nExtending Wiener's Attack in the Presence of Many Decrypting Exponents. CQRE 1999: 153-166\n\nThis paper is available in the following link:\n\nhttps://www.sci-hub.ren/https://link.springer.com/chapter/10.1007/3-540-46701-7_14\n\nThis attack is feasible when there are many pairs (denoted the number of pairs as `n`) of RSA encryption exponents `e_i` and the corresponding **small** exponents `d_i`, which share the same modulus `N`.\n\nThis attack implementation is based on [SageMath](https://www.sagemath.org/), and the attacking approach is based on lattice reduction.\n\n---\n\n## Implementation Details\n\nIn Section 3.2 and Section 3.3 of the paper, it gave the exact form of the lattice construction where `n=2` and `n=3` respectively. However, for general cases, i.e., `n\u003e3`, the paper implicitly gave a general approach in Section `3.1`, and provided a more detailed illustration in Appendix. It mainly made use of Wiener's equations (denoted as `W_i`):\n\n![Wiener's equations](images/wiener.png)\n\nand Guo's equations (denoted as `G_{i,j}`):\n\n![Guo's equations](images/guo.png)\n\nIt generated the lattice via the multiplication of certain Wiener's equations and Guo's equations to construct the lattice. Moreover, we need to multiply the coefficients to balance the lattice, and then apply lattice reduction using the `LLL` or `BKZ` method.\n\nAfter having reduced the lattice, we need to refer to Section 2.1 to find the `r`, and factor `N` by solving the quadratic equation with respect to `p` and `q`.\n\nThis repository implements the automatic generation of the equations (lattice), and can perform the attack when `n\u003c=6` at a reasonable cost of time and memory.\n\n---\n\n## Usage\n\n* It can only run in *`SAGEMATH`* environment.\n\n```bash\ngit clone https://github.com/X3NNY/RSA-extending-wiener-attack.git\ncd ./RSA-extending-wiener-attack/\nsage --pip install -r requirements.txt\nsage rsa_extending_wiener_attack.sage\n```\n\n---\n\n## Example\n\nHere is an example of the implementation.\n\n![example](images/example.png)\n\n---\n\nThe BibTeX of the original paper:\n\n```bibtex\n@inproceedings{Howgrave-GrahamS99,\n  author    = {Nick Howgrave{-}Graham and\n               Jean{-}Pierre Seifert},\n  title     = {Extending Wiener's Attack in the Presence of Many Decrypting Exponents},\n  booktitle = {{CQRE}},\n  volume    = {1740},\n  pages     = {153--166},\n  year      = {1999},\n}\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fx3nny%2Frsa-extending-wiener-attack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fx3nny%2Frsa-extending-wiener-attack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fx3nny%2Frsa-extending-wiener-attack/lists"}