Finding Small Roots of Univariate Modular Equations Revisited
Proceedings of the 6th IMA International Conference on Cryptography and Coding
Lattice Reduction in Cryptology: An Update
ANTS-IV Proceedings of the 4th International Symposium on Algorithmic Number Theory
| Hi-index | 0.00 |
We introduce a hypothetical situation in which low-exponent RSA is used to encrypt IP packets, TCP segments, or TCP segments carried in IP packets. In this scenario, we explore how the Coppersmith/Howgrave-Graham method can be used, in conjunction with the TCP and IP protocols, to decrypt specific packets when they get retransmitted (due to a denial-of-service attack on the receiver's side). We draw conclusions on the applicability of the Coppersmith/Howgrave-Graham method, its interaction with "guessing", and the difficulties of building a secure system by combining well-known building blocks.