Paper 2024/2072

Advancements in Distributed RSA Key Generation: Enhanced Biprimality Tests

ChihYun Chuang, AMIS
IHung Hsu, AMIS
TingFang Lee, Division of Biostatistics, NYU Langone Health
Abstract

RSA is widely used in modern cryptographic practice, with certain RSA-based protocols relying on the secrecy of $p$ and $q$. A common approach is to use secure multiparty computation to address the privacy concerns of $p$ and $q$. Specifically constrained to distributed RSA modulus generation protocols, the biprimality test for Blum integers $N=pq$, where $p\equiv q\equiv 3 \mod4$ are two primes, proposed by Boneh and Franklin ($2001$) is the most commonly used. Over the past $20 $ years, the worst-case acceptance rate of this test has been consistently assumed to be $1/2$ under the condition $\gcd(pq,p+q-1)=1$.This paper demonstrates that the acceptance probability for the Boneh-Franklin test is at most $1/4$, rather than $1/2$, except in the specific case where $p = q = 3$. Notably, $1/4$ is shown to be the tightest upper bound. This result substantially improves the practical effectiveness of the Boneh-Franklin test: achieving the same level of soundness for the RSA modulus now requires only half the iterations previously considered necessary. Furthermore, we propose a generalized biprimality test based on the Lucas sequence. In the worst case, the acceptance rate of the proposed test is at most $1/4 + 1.25/(p_{\min} -3)$, where $p_{\min}$ is the smallest prime factors of $N$. To validate our approach, we implemented the variant Miller-Rabin test, the Boneh-Franklin test, and our proposed test, performing pairwise comparisons of their effectiveness. Simulations indicate that the proposed test is generally more efficient than the Boneh-Franklin test in detecting cases where $N$ is not an RSA modulus. Additionally, this test is applicable to generating RSA moduli for arbitrary odd primes $p,q$. A corresponding protocol is developed for this test, validated for resilience against semi-honest adversaries, and shown to be applicable to most known distributed RSA modulus generation protocols. After thoroughly analyzing and comparing well-known protocols for Blum integers, including Burkhardt et al.'s protocol (CCS 2023), and the Boneh-Franklin protocol, our protocol is competitive for generating distributed RSA moduli.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint.
Contact author(s)
chihyun @ maicoin com
glen @ maicoin com
Ting-Fang Lee @ nyulangone org
History
2025-01-13: last of 6 revisions
2024-12-24: received
See all versions
Short URL
https://ia.cr/2024/2072
License
Creative Commons Attribution-NonCommercial
CC BY-NC

BibTeX 

@misc{cryptoeprint:2024/2072,
      author = {ChihYun Chuang and IHung Hsu and TingFang Lee},
      title = {Advancements in Distributed {RSA} Key Generation: Enhanced Biprimality Tests},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/2072},
      year = {2024},
      url = {https://eprint.iacr.org/2024/2072}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.