[Resource Topic] 2010/135: On The Broadcast and Validity-Checking Security of PKCS #1 v1.5 Encryption

Welcome to the resource topic for 2010/135

Title:
On The Broadcast and Validity-Checking Security of PKCS #1 v1.5 Encryption

Authors: Aurélie Bauer, Jean-Sébastien Coron, David Naccache, Mehdi Tibouchi, Damien Vergnaud

Abstract:

This paper describes new attacks on PKCS #1 v1.5, a deprecated but still widely used RSA encryption standard. The first cryptanalysis is a broadcast attack, allowing the opponent to reveal an identical plaintext sent to different recipients. This is nontrivial because different randomizers are used for different encryptions (in other words, plaintexts coincide only partially). The second attack predicts, using a single query to a validity checking oracle, which of two chosen plaintexts corresponds to a challenge ciphertext. The attack’s success odds are very high. The two new attacks rely on different mathematical tools and underline the need to accelerate the phase out of PKCS #1 v1.5.

ePrint: https://eprint.iacr.org/2010/135

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.