Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS1 (1998)
by
Daniel Bleichenbacher
| Citations: | 198 - 1 self |
BibTeX
@INPROCEEDINGS{Bleichenbacher98chosenciphertext,
author = {Daniel Bleichenbacher},
title = {Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS1},
booktitle = {},
year = {1998},
pages = {1--12},
publisher = {Springer-Verlag}
}
Years of Citing Articles
Bookmark
 |
 |
 |
 |
 |
 |
OpenURL
Abstract
This paper introduces a new adaptive chosen ciphertext attack against certain protocols based on RSA. We show that an RSA private-key operation can be performed if the attacker has access to an oracle that, for any chosen ciphertext, returns only one bit telling whether the ciphertext corresponds to some unknown block of data encrypted using PKCS #1. An example of a protocol susceptible to our attackisSSL V.3.0.
Citations
| 394 | A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack - Cramer, Shoup - 1998 |
| 388 | Relations Among Notions of Security for Public-Key Encryption Schemes - Bellare, Desai, et al. - 1998 |
| 200 | Optimal Asymmetric Encryption - Bellare, Rogaway - 1994 |
| 27 | Chosen signature cryptanalysis of the RSA (MIT) public key cryptosystem - Davida - 1982 |
| 27 | Timing Attacks on Implementations of Di#e-Hellman, RSA, DSS, and Other Systems - Kocher - 1996 |
| 25 | Why and how to establish a private code on a public network - Goldwasser, Micali, et al. - 1982 |
| 1 | Bit security of RSA and Rabin functions - Alexi, Chor, et al. - 1988 |
| 1 | The security of individual RSA bits. manusrcipt - Hastad, Naslund - 1998 |
| 1 | SSLeay 0.8.1. url = http://www.cryptsoft.com/ This article was processed using the LaT E X macro package with LLNCS style - Young |
| 1 | Bit security of RSA and Rabin functions. SIAM Journal of computing - Alexi, Chor, et al. - 1988 |
