Published in

Springer Verlag, Lecture Notes in Computer Science, p. 114-127

DOI: 10.1007/3-540-45325-3_11

Strong Adaptive Chosen-Ciphertext Attacks with Memory Dump (Or: The Importance of the Order of Decryption and Validation) (Published in B. Honary, Ed., Cryptography and Coding, vol. 2260 of Lecture Notes in Computer Science, pp. 114-127, Springer-Verlag, 2001.)

This paper is available in a repository.

Abstract

This paper presents a new type of powerful cryptanalytic attacks on public-key cryptosystems, extending the more commonly studied adaptive chosen-ciphertext attacks. In the new attacks, an adversary is not only allowed to submit to a decryption oracle (valid or invalid) ciphertexts of her choice, but also to emit a "dump query" prior to the completion of a decryption operation. The dump query returns intermediate results that have not been erased in the course of the decryption operation, whereby allowing the adversary to gain vital advantages in breaking the cryptosystem. We believe that the new attack model approximates more closely existing security systems. We examine its power by demonstrating that most existing public-key cryptosystems, including OAEP-RSA, are vulnerable to our extended attacks.