Skip to main content
Conference ProceedingsOPEN ACCESS

New Attacks on PKCS#1 v1.5 Encryption

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2000) 1807 369-381
DOI: 10.1007/3-540-45539-6_25
19Citations
Citations of this article
41Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

This paper introduces two new attacks on PKCS#1 v1.5, an RSA-based encryption standard proposed by RSA Laboratories. As opposed to Bleichenbacher’s attack, our attacks are chosen-plaintext only, i.e. they do not make use of a decryption oracle. The first attack applies to small public exponents and shows that a plaintext ending by sufficiently many zeroes can be recovered efficiently when two or more ciphertexts c orresponding to the same plaintext are available.We believe the technique we employ to be of independent interest, as it extends Coppersmith’s low-exponent attack to certain length parameters. Our second attack is applicable to arbitrary public exponents, provided that most message bits are zeroes. It seems to constitute the first chosen-plaintext attack on an RSA-based encryption standard that yields to practical results for any public exponent.

Cite

CITATION STYLE

APA

Coron, J. S., Joye, M., Naccache, D., & Paillier, P. (2000). New Attacks on PKCS#1 v1.5 Encryption. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1807, pp. 369–381). Springer Verlag. https://doi.org/10.1007/3-540-45539-6_25

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free