Abstract
The concept of public-key cryptography was invented in 1976 by Diffie and Hellman [DH]. The following year, Rivest, Shamir and Adleman provided an implementation of this idea [RSA]. The RSA signature, like any other signature, is message-dependent and signer-dependent. Thus, the recipient cannot modify the message and the signer cannot deny the validity of his signature. However, several attacks have appeared since then. These attacks do not challenge RSA itself, only the way signature schemes based on it are designed.
References
E. Brickell and J. DeLaurentis, An Attack on a Signature Scheme Proposed by Okamoto and Shiraishi, Proc. of Crypto '85, Lecture Notes in Computer Science, vol. 218, Springer-Verlag, pp. 28–32.
M. Bellare, P. Rogaway, The Exact Security of Digital Signatures — How to Sign with RSA and Rabin, Advances in Cryptology, Eurocrypt '96, LNCS 1070, 1996.
D. Coppersmith, Analysis of ISO/CCITT Document X.509 Annex D, memorandum, IBM T.J. Watson Research Center, Yorktown Heights, N.Y., 10598, U.S.A., 11th June 1989.
G. Davida, Chosen Signature Cryptanalysis of the RSA (MIT) Public Key Cryptosystem, Technical Report TR-CS-82-2, Department of Electrical Engineering and Computer Science, University of Wisconsin, Milwaukee, USA, October 1982.
D.E. Denning, Digital Signatures with RSA and other Public-key cryptosystems, Communications of the ACM 27, 4, April 1984, 388–392.
W. Diffie, M. Hellman, New Directions in Cryptography, IEEE Trans. Inform. Theory IT-22, Nov. 1976, 644–654.
W. de Jonge, D. Chaum, Attacks on Some RSA Signatures, Advances in Cryptology, Crypto '85 proceedings, Lecture Notes in Computer Science, vol. 218, Springer-Verlag, Berlin, 1986, pp. 18–27.
Y. Desmedt, A.M. Odlyzko, A Chosen Text Attack on RSA Cryptosystem and some Discrete Logarithm Schemes, Advances in Cryptology, Crypto '85 proceedings, Lecture Notes in Computer Science, vol. 218, Springer-Verlag, Berlin, 1986, pp. 516–522.
M. Girault, How to Forge RSA Key Certificates (even when adding redundancy), unpublished, personal communication.
J. A. Gordon, How to Forge RSA Key Certificates, Electronics Letters, 25th April 1985, Vol. 21 N. 9.
M. Girault, J.F. Misarsky, Selective Forgery of RSA Signatures Using Redundancy, Advances in Cryptology — Eurocrypt '97, Lecture Notes in Computer Science, vol. 1233, Springer-Verlag, pp 495–507.
L.C. Guillou, J.J. Quisquater, M. Walker, P. Landrock, C. Shaer, Precautions taken against various potential attacks in ISO/IEC DIS 9796, Digital signature scheme giving message recovery, Eurocrypt '90 Proceedings, Lecture Notes in Computer Science, vol. 473, Springer-Verlag, pp 465–473.
ISO/IEC 9796, Digital Signature Scheme Giving Message Recovery, December 1991.
ISO/IEC JTC 1/SC 27, Digital Signature Schemes Giving Message Recovery; Part 2: Mechanisms using a hash function, Working Draft, January 1996.
ISO/IEC 9796-3, Digital Signature Schemes Giving Message Recovery; Part 3: Mechanisms using a check-function, Working Draft, December 1996.
A. K. Lenstra, H. W. Lenstra, L. Lovász, Factoring Polynomials with Rational Coefficients, Mathematische Annalen, vol. 261, n. 4, 1982, pp. 515–534.
J. F. Misarsky, A Multiplicative Attack Using LLL Algorithm on RSA Signatures with Redundancy, Advances in Cryptology — Crypto '97, Lecture Notes in Computer Science, vol. 1294, Springer-Verlag, pp. 221–234.
T. Okamoto, A. Shiraishi, A Fast Signature Scheme Based on Quadratic Inequalities, Proc. of the 1985 Symposium on Security and Privacy, April 1985, Oakland, CA.
RSA Laboratories, PKCS #1: RSA Encryption Standard, Version 1.5, November 1993.
R.L. Rivest, A. Shamir, L. Adleman, A Method for Obtaining Digital Signatures and Public-Key Cryptosystems, MIT Laboratory for Computer Science, Technical Memo LCS/TM82, Cambridge, Massachusetts, 4/4/77. Also Comm. ACM, Vol. 21, N. 2, Feb 1978.
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Misarsky, J.F. (1998). How (not) to design RSA signature schemes. In: Imai, H., Zheng, Y. (eds) Public Key Cryptography. PKC 1998. Lecture Notes in Computer Science, vol 1431. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0054011
DOI: https://doi.org/10.1007/BFb0054011
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64693-8
Online ISBN: 978-3-540-69105-1
eBook Packages: Springer Book Archive