Index Calculation Attacks on RSA Signature and Encryption

Authors:
Jean-Sébastien Coron;David Naccache;Yvo Desmedt;Andrew Odlyzko;Julien P. Stern
Affiliations:
Gemplus Card International, France;Gemplus Card International, France;Florida State University, USA;University of Minnesota, USA;Cryptolog International, France
Venue:
Designs, Codes and Cryptography
Year:
2006

Citing 4
Cited 2

The quadratic sieve factoring algorithm

Proc. of the EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques
A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes

Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
How (not) to Design RSA Signature Schemes

PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography

Efficient migration access control for mobile agents

Computer Standards & Interfaces
An efficient public key cryptosystem secure against chosen ciphertext attack

ICISS'06 Proceedings of the Second international conference on Information Systems Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

At Crypto '85, Desmedt and Odlyzko described a chosen-ciphertext attack against plain RSA encryption. The technique can also be applied to RSA signatures and enables an existential forgery under a chosen-message attack. The potential of this attack remained untapped until a twitch in the technique made it effective against two very popular RSA signature standards, namely iso/iec 9796-1 and iso/iec 9796-2. Following these attacks, iso/iec 9796-1 was withdrawn and ISO/IEC 9796-2 amended. In this paper, we explain in detail Desmedt and Odlyzko's attack as well as its application to the cryptanalysis of iso/iec 9796-2.