sion of an extended abstract published in Proceedings of Crypto 2009, Springer-Verlag, 2009. Available from the IACR Cryptology ePrint Archive as Report 2008/510. We show that an ...
Abstract. Let pk = (N , e) be an RSA public key with corresponding secret key sk = (p, q, d, dp, dq , q-1 p ). Assume that we obtain partial error-free information of sk, e.g., ass...
In this paper, we present a new attack on RSA when the public exponent is short, for instance 3 or 216 +1, and when the classical exponent randomization is used. This attack works ...
Abstract. Despite many good (secure) key agreement protocols based on publickey cryptography exist, secure associations between two wireless devices are often established using sym...
Serge Vaudenay [20] introduced a notion of Message Authentication (MA) protocols in the Short Authenticated String (SAS) model. A SAS-MA protocol authenticates arbitrarily long mes...