Results 1 
1 of
1
Low exponent attack against elliptic curve RSA
, 1995
"... Hastad showed that low exponent RSA is not secure if the same message is encrypted to several receivers. This is true even if timestamp is used for each receiver. For example, let e = 3. Then if the number of receivers = 7, the eavesdropper can find the plaintext from the seven ciphertexts of each ..."
Abstract

Cited by 7 (0 self)
 Add to MetaCart
Hastad showed that low exponent RSA is not secure if the same message is encrypted to several receivers. This is true even if timestamp is used for each receiver. For example, let e = 3. Then if the number of receivers = 7, the eavesdropper can find the plaintext from the seven ciphertexts of each receiver. This paper shows that elliptic curve RSA is not secure in the same scinario. It is shown that the KMOV scheme and Demytko's scheme are not secure if e = 5; n 2 1024 and the number of receivers = 428. In Demytko's scheme, e can take the value of 2. In this case, this system is not secure if the number of receiver = 11 for n 2 175 . 1 Introduction Hastad showed that low exponent RSA is not secure if the same message is encrypted to several receivers [1]. This is true even if timestamp is used for each receiver. For example, let e = 3. Then if the number of receivers = 7, the eavesdropper can find the plaintext from the seven ciphertexts of each receiver. On the other hand, el...