In this paper, we investigate the security property of RSA when some middle bits of the private key d are known to an attacker. Using the technique of unravelled linearization, we present a new attack on RSA with known middle bits, which improves a previous result under certain circumstance. Our approach is based on Coppersmith's method for finding small roots of modular polynomial equations.

In this paper, we study partial key exposure attacks on RSA where the number of unexposed blocks of the private key is greater than or equal to one. This situation, called generalized framework of partial key exposure attack, was first shown by Sarkar [22] in 2011. Under a certain condition for the values of exposed bits, we present a new attack which needs fewer exposed bits and thus improves the result in [22]. Our work is a generalization of [28], and the approach is based on Coppersmith's method and the technique of unravelled linearization.