RSA breaking vs. factoring

I hope this is not too much of a standard question here.

Given a factorisation of the modulus of RSA and a public key, one can
compute the private key, and given a triple (modulus, public key, private
key), one can obtain a factorisation of the modulus. One should therefore
expect that it is proven that breaking RSA is equivalent to factoring,
although not much is proven about the complexity of either.

On the other hand, one can read statements like:

The security of the RSA algorithm depends on the factoring problem being
difficult and the presence of no other types of attack. There has been
some recent evidence that breaking the RSA cryptosystem is not
equivalent to factoring [BV98].
http://www.rsa.com/rsalabs/node.asp?id=2189

I was not able to get the referred article [BV98] at my first visit to the
library, and I am not so much interested in learning the details. Maybe it is
possible to say in a few words where my misconception is when I feel that
there is a discrepancy.

Or is "breaking the RSA cryptosystem" not to mean obtaining the private key
but other activities like decrypting texts without knowledge of the
private key?

--
Helmut Richter
.

Relevant Pages

  • Re: RSA .crt and .key file formats?
    ... > and private key file (actually, the private key file, from what I can ... Basically, for RSA signatures, and for RSA decryption, you need to ... needs only the modulus n and the private exponent d. ... setting is to choose a random binary value K, encrypt it ...
    (sci.crypt)
  • Re: PGP scripting...
    ... It looks like you're talking about how RSA works. ... public key consists of the modulus and the public exponent. ... >> private key is by definition also in possession of the public key. ...
    (SecProg)
  • Re: Generating RSA keys from Pass Phrase
    ... Distinguishing the BBS generator has been polynomially reduced to ... RSA is based directly on the problem of extracting e-th ... to factoring the modulus (and from what I've seen such a reduction seems ...
    (sci.crypt)
  • Re: RSA breaking vs. factoring
    ... Given a factorisation of the modulus of RSA and a public key, ... compute the private key, and given a triple (modulus, public key, private ... Yes, factoring is one attack. ...
    (sci.crypt)
  • Re: RSA breaking vs. factoring
    ... compute the private key, and given a triple (modulus, public key, private ... one can obtain a factorisation of the modulus. ... Yes, factoring is one attack. ... but other activities like decrypting texts without knowledge of the ...
    (sci.crypt)
Quantcast