A new and optimal chosen-message attack on RSA-type cryptosystems

  • Daniel Bleichenbacher
  • Marc Joye
  • Jean-Jacques Quisquater
Session 10 : Crytanalysis of Public Key Systems
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1334)

Abstract

Chosen-message attack on RSA is usually considered as an inherent property of its homomorphic structure. In this paper, we show that non-homomorphic RSA-type cryptosystems are also susceptible to a chosen-message attack. In particular, we prove that only one message is needed to mount a successful chosen-message attack against the Lucasbased systems and Demytko's elliptic curve system.

Keywords

Chosen-message attack signature forgery RSA Lucas-based systems Demytko's elliptic curve system 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    D. Bleichenbacher, W. Bosma, and A. K. Lenstra. Some remarks on Lucas-based cryptosystems. In D. Coppersmith, editor, Advance in Cryptology — Crypto '95, volume 963 of Lectures Notes in Computer Science, pages 386–396. Springer-Verlag, 1995.Google Scholar
  2. 2.
    D. M. Bressoud. Factorization and primality testing. Undergraduate Texts in Mathematics. Springer-Verlag, 1989.Google Scholar
  3. 3.
    G. Davida. Chosen signature cryptanalysis of the RSA (MIT) public key cryptosystem. Technical Report TR-CS-82-2, Dept. of Electrical Engineering and Computer Science, University of Wisconsin, Milwaukee, USA, October 1982.Google Scholar
  4. 4.
    N. Demytko. A new elliptic curve based analogue of RSA. In T. Helleseth, editor, Advance in Cryptology — Eurocrypt '93, volume 765 of Lectures Notes in Computer Science, pages 40–49. Springer-Verlag, 1994.Google Scholar
  5. 5.
    D. E. Denning. Digital signatures with RSA and other public-key cryptosystems. Communications of the ACM, 27(4):388–392, April 1984.CrossRefGoogle Scholar
  6. 6.
    B. S. Kaliski Jr. A chosen message attack on Demytko's elliptic curve cryptosystem. Journal of Cryptology, 10(1):71–72, 1997.CrossRefGoogle Scholar
  7. 7.
    N. Koblitz. Elliptic curve cryptosystems. Mathematics of Computation, 48:203–209, 1987.Google Scholar
  8. 8.
    K. Koyama, U. M. Maurer, T. Okamoto, and S. A. Vanstone. New public-key schemes based on elliptic curves over the ring Zn. In J. Feigenbaum, editor, Advance in Cryptology — Crypto '91, volume 576 of Lectures Notes in Computer Science, pages 252–266. Springer-Verlag, 1991.Google Scholar
  9. 9.
    V. S. Miller. Use of elliptic curves in cryptography. In H. C. Williams, editor, Advance in Cryptology — Crypto '85, volume 218 of Lectures Notes in Computer Science, pages 417–426. Springer-Verlag, 1986.Google Scholar
  10. 10.
    W. B. Müller and R. Nöbauer. Some remarks on public-key cryptosystems. Sci. Math. Hungar, 16:71–76, 1981.Google Scholar
  11. 11.
    W. B. Müller and R. Nöbauer. Cryptanalysis of the Dickson scheme. In J. Pichler, editor, Advance in Cryptology — Eurocrypt '85, volume 219 of Lectures Notes in Computer Science, pages 50–61. Springer-Verlag, 1986.Google Scholar
  12. 12.
    R. L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120–126, February 1978.CrossRefGoogle Scholar
  13. 13.
    G. J. Simmons. A weak privacy protocol using the RSA cryptoalgorithm. Cryptologia, 7:180–182, 1983.Google Scholar
  14. 14.
    P. J. Smith and M. J. J. Lennon. LUC: A new public key system. In E. G. Douglas, editor, Ninth IFIP Symposium on Computer Security, pages 103–117. Elsevier Science Publishers, 1993.Google Scholar

Copyright information

© Springer-Verlag 1997

Authors and Affiliations

  • Daniel Bleichenbacher
    • 1
  • Marc Joye
    • 2
  • Jean-Jacques Quisquater
    • 3
  1. 1.Bell LaboratoriesMurray HillUSA
  2. 2.UCL Crypto Group, Dép. de MathématiqueUniversité de LouvainLouvain-la-NeuveBelgium
  3. 3.UCL Crypto Group, Lab. de MicroélectroniqueUniversité de LouvainLouvain-la-NeuveBelgium

Personalised recommendations