对RSA密码的Wiener的低解密指数攻击的C++实现

这里提供的是一个简要的实现，虽然简单，但是还是蛮有意思，因为毕竟是一种避开分解因子的攻击RSA的方法。可以看到，在一定的条件下，程序可以由公钥n,b求得私钥

具体思路，证明及伪代码请参考Douglas R.Stinson的《Cryptography Theory and Practice(Second Edition)》，这本书有中文译版，书名是《密码学原理与实践》，冯登国译。

对RSA密码的Wiener的低解密指数攻击的C++实现

#include<iostream> #include<math.h> using namespace std; const N=10000; static long q[N],m,Prikey,P,Q; static int flag=0; int Euc(long a,long b)//euclidean算法 {     long r[N];     r[0]=a;     r[1]=b;     m=1;     while(r[m]!=0)     {         q[m]=r[m-1]/r[m];         r[m+1]=r[m-1]-q[m]*r[m];         m++;     }     m--;     return r[m]; } void Wiener(long n,long b)//wiener attack {     long c[N],d[N],j;     double ndot,test,test1;     double temp,mid,de,delte,pp,qq;     c[0]=1;     c[1]=q[1];     d[0]=0;     d[1]=1;     j=1;     while(j<=m)     {         temp=double(c[j])*(b);         ndot=(temp-1)/double(d[j]);         test=long(ndot);                 if(test==ndot)         {                    mid=double(n)-ndot+1.0;             de=mid*mid-4.0*double(n);             delte=sqrt(de);             qq=(mid-delte)/2.0;             pp=(mid+delte)/2.0;                         test=long(pp);             test1=long(qq);             if(test==pp && test1==qq && de>=0)             {                //                cout<<"p="<<pp<<",q="<<qq<<endl;                 P=pp;Q=qq;                 flag=1;             }         }         j++;         c[j]=q[j]*c[j-1]+c[j-2];         d[j]=q[j]*d[j-1]+d[j-2];     }     if(!flag) cout<<"...attack failed"<<endl; } int Gcd(int a,int b,int &x,int &y)//求同余方程 {     if(!b)     {         x=1;         y=0;         return a;     }     else     {         int r=Gcd(b,a%b,x,y);         int t=x;         x=y;         y=t-(a/b)*y;         return r;     } } int GetPriKey(int Fn,int Pubkey)//求得密钥d.. {     int x,y,d;     d=Gcd(Pubkey,Fn,x,y);     return (x/d)%Fn; } int main() {     int rm,i;     long n,b,Fn;     double temp0; //    n=160523347;b=60728973;//样例数据 cout<<"PLEASE INPUT n,b"<<endl; cin>>n>>b; cout<<"Euclidean Algorithm("<<n<<","<<b<<")..."<<endl; rm=Euc(n,b); cout<<"r[m]="<<rm<<endl;for(i=0;i<=m;i++)     {         cout<<"q["<<i<<"]="<<q[i]<<endl;     }     cout<<"[Wiener Attack]"<<endl;     Wiener(n,b);         if(flag)     {         cout<<"attack successed"<<endl;         cout<<"now checking presupposition...";                 temp0=sqrt(sqrt(n));         if(temp0>3*Prikey && P>Q && P<2*Q)//初始条件验证         {             cout<<"passed"<<endl<<"RESULT"<<endl;             cout<<"p="<<P<<",q="<<Q<<endl;                        Fn=(P-1)*(Q-1);             Prikey=GetPriKey(Fn,b);             cout<<"Prikey="<<Prikey<<endl;         }         else         {             cout<<"failed"<<endl;         }     }        return 0;    }