A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Securely combining public-key cryptosystems
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
On the Security of RSA Padding
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Universal Padding Schemes for RSA
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
On the Security of Joint Signature and Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
The Exact Security of ECIES in the Generic Group Model
Proceedings of the 8th IMA International Conference on Cryptography and Coding
Further Results and Considerations on Side Channel Attacks on RSA
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Generic Groups, Collision Resistance, and ECDSA
Designs, Codes and Cryptography
Practical Cryptanalysis of iso/iec 9796-2 and emv Signatures
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Discrete-Log-Based signatures may not be equivalent to discrete log
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Errors matter: breaking RSA-Based PIN encryption with thirty ciphertext validity queries
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Fault attacks against EMV signatures
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
On the joint security of encryption and signature, revisited
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Hi-index | 0.00 |
We provide an analysis of current and future algorithms for signature and encryption in the EMV standards in the case where a single key-pair is used for both signature and encryption. We give a theoretical attack for EMV's current RSA-based algorithms, showing how access to a partial decryption oracle can be used to forge a signature on a freely chosen message. We show how the attack might be integrated into EMV's CDA protocol flow, enabling an attacker with a wedge device to complete an offline transaction without knowing the cardholder's PIN. Finally, the elliptic curve signature and encryption algorithms that are likely to be adopted in a forthcoming version of the EMV standards are analyzed in the single key-pair setting, and shown to be secure.