2010 | OriginalPaper | Chapter
On the Broadcast and Validity-Checking Security of PKCS#1 v1.5 Encryption
Authors: Aurélie Bauer, Jean-Sébastien Coron, David Naccache, Mehdi Tibouchi, Damien Vergnaud
Published in: Applied Cryptography and Network Security
Publisher: Springer Berlin Heidelberg
This paper describes new attacks on PKCS#1 v1.5, a deprecated but still widely used RSA encryption standard.
The first cryptanalysis is a broadcast attack, allowing the opponent to reveal an identical plaintext sent to different recipients. This is nontrivial because different randomizers are used for different encryptions (in other words, plaintexts coincide only partially).
The second attack predicts, using a single query to a validity checking oracle, which of two chosen plaintexts corresponds to a challenge ciphertext. The attack’s success odds are very high.
The two new attacks rely on different mathematical tools and underline the need to accelerate the phase out of PKCS#1 v1.5.
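As an added illustration (not code from the paper), the Python sketch below builds the PKCS#1 v1.5 encryption padding from RFC 8017, section 7.2.1, twice for one message, showing that the two encoded blocks coincide only in the fixed header and the trailing message, and implements the format check whose result a validity-checking oracle reports. The modulus size, the sample message and all function names are assumptions chosen for the example.

```python
import os

def eme_pkcs1_v15_encode(message: bytes, k: int) -> bytes:
    """Encode as 00 || 02 || PS || 00 || M for a k-byte RSA modulus."""
    if len(message) > k - 11:
        raise ValueError("message too long for this modulus size")
    ps_len = k - 3 - len(message)          # always >= 8 after the check above
    ps = bytearray()
    while len(ps) < ps_len:                # PS is random and every byte is nonzero
        ps += bytes(b for b in os.urandom(ps_len - len(ps)) if b)
    return b"\x00\x02" + bytes(ps) + b"\x00" + message

def is_valid_padding(em: bytes, k: int) -> bool:
    """Format check on a decrypted block; a service that reveals this
    boolean to callers is acting as a validity-checking oracle."""
    if len(em) != k or em[0] != 0x00 or em[1] != 0x02:
        return False
    sep = em.find(b"\x00", 2)              # first zero byte after the header
    return sep >= 10                       # at least 8 padding bytes before it

def common_suffix_len(a: bytes, b: bytes) -> int:
    """Number of trailing bytes on which two encoded blocks agree."""
    n = 0
    while n < min(len(a), len(b)) and a[-1 - n] == b[-1 - n]:
        n += 1
    return n

K = 128                                    # assumed 1024-bit modulus, in bytes
MESSAGE = b"constructed sample plaintext"  # constructed input for the example

def encode_twice():
    """Pad the same message twice, as for two different recipients."""
    return eme_pkcs1_v15_encode(MESSAGE, K), eme_pkcs1_v15_encode(MESSAGE, K)

if __name__ == "__main__":
    em1, em2 = encode_twice()
    print(em1.hex())
    print(em2.hex())
    print("shared trailing bytes:", common_suffix_len(em1, em2))
```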