. We present an attack on the RSA cryptosystem in a case where the attacker has very few knowledge of the parameters: even the public modulus is unknown to him. Our attack is based on the presence of faults and on the use of the Chinese Remainder Theorem to perform computations. With this attack, a damaged smart card can partially be broken. 1 Introduction Suppose someone discovers a lost smart card. The card performs RSA signature (using the Chinese remaindering to speed up computations), but does not mention any information about his owner. The attacker is thus in a situation where he does not possess any information about the parameters, even not the public ones. We will show that, even in such a challenging situation, it is possible to recover much sensitive information if the public exponent is known. As the public exponent is often a standard value which is the same for each card of a given organization, this hypothesis is not so unlikely. Let the modulus n be the product of two...