Skip to content

Lattice attacks on RSA-encrypted IP and TCP

Citations of this article
Mendeley users who have this article in their library.
Get full text


We introduce a hypothetical situation in which low-exponent RSA is used to encrypt IP packets, TCP segments, or TCP segments carried in IP packets. In this scenario, we explore how the Coppersmith/ Howgrave-Graham method can be used, in conjunction with the TCP and IP protocols, to decrypt specific packets when they get retransmitted (due to a denial-of-service attack on the receiver’s side). We drawconclusions on the applicability of the Coppersmith/Howgrave- Graham method, its interaction with “guessing”, and the difficulties of building a secure system by combining well-known building blocks.




Crouch, P. A., & Davenport, J. H. (2001). Lattice attacks on RSA-encrypted IP and TCP. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2260, pp. 329–338). Springer Verlag.

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free