Sciweavers

Free Online Productivity Tools i2Speak i2Symbol i2OCR iTex2Img iWeb2Print iWeb2Shot i2Type iPdf2Split iPdf2Merge i2Bopomofo i2Arabic i2Style i2Image i2PDF iLatex2Rtf Sci2ools

16

PKC
1999
Springer

favoriteEmaildiscussreport

87views Cryptology» more PKC 1999»

On the Security of RSA Screening

13 years 10 months ago

On the Security of RSA Screening

Download www.gemplus.com

Since many applications require the veriﬁcation of large sets of signatures, it is sometimes advantageous to perform a simultaneous veriﬁcation instead of checking each signature individually. The simultaneous processing, called batching, must be provably equivalent to the sequential veriﬁcation of all signatures. In eurocrypt’98, Bellare et al. [1] presented a fast RSA batch veriﬁcation scheme, called screening. Here we successfully attack this algorithm by forcing it to accept a false signature and repair it by implementing an additional test.

Jean-Sébastien Coron, David Naccache

Real-time Traffic

Cryptology | Fast Rsa Batch | PKC 1999 | Simultaneous Processing | Simultaneous Veriﬁcation |

claim paper

Related Content

» Generalised Cycling Attacks on RSA and Strong RSA Primes

» On the Security of RSA with Primes Sharing LeastSignificant Bits

» Publishing Upper Half of RSA Decryption Exponent

» Signature Schemes Based on the Strong RSA Assumption

» RSA with Balanced Short Exponents and Its Application to Entity Authentication

» A Multitrapdoor Commitment Scheme from the RSA Assumption

» On the Provable Security of an Efficient RSABased Pseudorandom Generator

» Practical Threshold RSA Signatures without a Trusted Dealer

» Experimenting with Shared Generation of RSA Keys

Post Info
More Details (n/a)

Added	04 Aug 2010
Updated	04 Aug 2010
Type	Conference
Year	1999
Where	PKC
Authors	Jean-Sébastien Coron, David Naccache

Comments (0)