The quadratic sieve factoring algorithm
Proc. of the EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques
A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
How (not) to Design RSA Signature Schemes
PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Efficient migration access control for mobile agents
Computer Standards & Interfaces
An efficient public key cryptosystem secure against chosen ciphertext attack
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Hi-index | 0.00 |
At Crypto '85, Desmedt and Odlyzko described a chosen-ciphertext attack against plain RSA encryption. The technique can also be applied to RSA signatures and enables an existential forgery under a chosen-message attack. The potential of this attack remained untapped until a twitch in the technique made it effective against two very popular RSA signature standards, namely iso/iec 9796-1 and iso/iec 9796-2. Following these attacks, iso/iec 9796-1 was withdrawn and ISO/IEC 9796-2 amended. In this paper, we explain in detail Desmedt and Odlyzko's attack as well as its application to the cryptanalysis of iso/iec 9796-2.