In typical RSA, it is impossible to create a key pair (e, d) such that both are simultaneously much shorter than φ(N). This is because if d is selected first, then e will be of t...
This paper contains several attacks on the hash function MD2 which has a hash code size of 128 bits. At Asiacrypt 2004 Muller presents the first known preimage attack on MD2. The ...
To sign with RSA, one usually encodes the message m as µ(m) and then raises the result to the private exponent modulo N. In Asiacrypt 2000, Coron et al. showed how to build a secu...