Skip to main content
Conference ProceedingsOPEN ACCESS

A multiplicative attack using LLL algorithm on RSA signatures with redundancy

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (1997) 1294 221-234
DOI: 10.1007/BFb0052238
18Citations
Citations of this article
43Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We show that some RSA signature schemes using fixed or modular redundancy and dispersion of redundancy bits are insecure. Our attack is based on the multiplicative property of RSA signature function and extends old results of De Jonge and Chaum [DJC] as well as recent results of Girault and Misarsky [GM]. Our method uses the lattice basis reduction [LLL] and algorithms of Laszld Babai [B]. Our attack is valid when the length of redundancy is roughly less than half the length of the public modulus. We successfully apply our attack to a scheme proposed for discussion inside ISO. Afterwards, we also describe possible adaptations of our method to attack schemes using mask or different modular redundancies. We explain limits of our attack and how to defeat it.

Author supplied keywords

Cite

CITATION STYLE

APA

Misarsky, J. F. (1997). A multiplicative attack using LLL algorithm on RSA signatures with redundancy. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1294, pp. 221–234). Springer Verlag. https://doi.org/10.1007/BFb0052238

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free