Low-Exponent RSA with Related Messages

  • Don Coppersmith
  • Matthew Franklin
  • Jacques Patarin
  • Michael Reiter
Conference paper

DOI: 10.1007/3-540-68339-9_1

Part of the Lecture Notes in Computer Science book series (LNCS, volume 1070)
Cite this paper as:
Coppersmith D., Franklin M., Patarin J., Reiter M. (1996) Low-Exponent RSA with Related Messages. In: Maurer U. (eds) Advances in Cryptology — EUROCRYPT ’96. EUROCRYPT 1996. Lecture Notes in Computer Science, vol 1070. Springer, Berlin, Heidelberg


In this paper we present a new class of attacks against RSA with low encrypting exponent. The attacks enable the recovery of plain- text messages from their ciphertexts and a known polynomial relationship among the messages, provided that the ciphertexts were created using the same RSA public key with low encrypting exponent.

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • Don Coppersmith
    • 1
  • Matthew Franklin
    • 2
  • Jacques Patarin
    • 3
  • Michael Reiter
    • 4
  1. 1.IBM ResearchYorktown HeightsUSA
  2. 2.AT&T ResearchMurray HillUSA
  3. 3.CP8 TransacLouveciennesFrance
  4. 4.AT&T ResearchMurray HillUSA

Personalised recommendations