Abstract. Multi-computations in finite groups, such as multiexponentiations and multi-scalar multiplications, are very important in ElGamal-like public key cryptosystems. Algorithm...
Coppersmith, Franklin, Patarin, and Reiter show that given two RSA cryptograms x^e mod N and (ax + b)^e mod N for known constants a, b ∈ Z_N, one can compute x in O(e log^2 e) Z_N-o...
In typical RSA, it is impossible to create a key pair (e, d) such that both are simultaneously much shorter than φ(N). This is because if d is selected first, then e will be of t...
A well-known attack on RSA with low secret-exponent d was given by Wiener about 15 years ago. Wiener showed that using continued fractions, one can efficiently recover the secret-...
Ron Steinfeld, Scott Contini, Huaxiong Wang, Josef...
Abstract. A number of papers on side-channel attacks have been published where the side-channel information was not exploited in an optimal manner, which reduced their efficiency. ...
We develop a method for generating shared, secret, safe primes applicable to use in threshold RSA signature schemes such as the one developed by Shoup. We would like a scheme usabl...
In this paper, we first introduce a new kind of adversarial goal called forge-and-impersonate in undeniable signature schemes. Note that forgeability does not necessarily imply im...
We present an attack on DSA smart-cards which combines physical fault injection and lattice reduction techniques. This seems to be the first (publicly reported) physical experimen...
David Naccache, Phong Q. Nguyen, Michael Tunstall,...
In this paper, we present the cryptanalysis of a public key scheme based on a system of multivariate polynomial equations, the "tractable rational map" cryptosystem. We show co...