December 1996

·

3 Reads

·

6 Citations

We prove the extension of the Håstad algorithm to the multi-variable modular polynomial. Although the Håstad attack is one of the strongest known attacks on RSA-type cryptosystems, the original Håstad attack is generally not applicable to multi-variable cryptosystems, where the plain text space (the encryption domain) is multi-variable. As an application of our extension, we attack RSA-type cryptosystems over elliptic curves and show the critical number of encrypted texts.