Abstract
A new attack on the RSA cryptosystem is presented. This attack assumes less than previous chosen ciphertext attacks, since the cryptanalyst has to obtain the plaintext versions of some carefully chosen ciphertexts only once, and can then proceed to decrypt further ciphertexts without further recourse to the authorized user’s decrypting facility. This attack is considerably more efficient than the best algorithms that are known for factoring the public modulus. The same idea can also be used to develop an attack on the three-pass system of transmitting information using exponentiation in a finite field.
Copyright information
© 1986 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Desmedt, Y., Odlyzko, A.M. (1986). A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes. In: Williams, H.C. (eds) Advances in Cryptology — CRYPTO ’85 Proceedings. CRYPTO 1985. Lecture Notes in Computer Science, vol 218. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-39799-X_40
DOI: https://doi.org/10.1007/3-540-39799-X_40
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-16463-0
Online ISBN: 978-3-540-39799-1
eBook Packages: Springer Book Archive