R.G.E. Pinch. On using Carmichael numbers for public-key encryption systems. In M. Darnell, editor, Cryptography and Coding, volume 1355 of Lecture Notes in Computer Science, pages 265--269, Springer-Verlag, 1997.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....Therefore, from Theorems 4 and 5, the previous discussion still applies to elliptic curve based cryptosystems and the conclusion of Rivest and Silverman remains valid, i.e. the use of strong primes o ers (quasi) no additional security against cycling attacks. However, as remarked by Pinch [21], a user might intentionally choose a weak RSA modulus. Suppose that a user chooses his public RSA modulus n = pq so that a cycling attack is possible. In that case, this user can repudiate a document by asserting that an intruder has discovered by chance (the probability of a cycling attack is ....

R.G.E. Pinch. On using Carmichael numbers for public-key encryption systems. In M. Darnell, editor, Cryptography and Coding, volume 1355 of Lecture Notes in Computer Science, pages 265-269, Springer-Verlag, 1997.

....exponents suffice to generate secure RSA keys; see Silverman [10] and Menezes, van Oorschot and Vanstone [7, Section 8.2.3] There have been concerns about first party attacks on RSA signatures, where a user deliberately chooses a weak key; see the ANSI X9.31 standard [1, Section C. 2] and Pinch [9]. Property 3 of our generation method will guard against such attacks. To help guard against first party attacks, it has been proposed [1] that the factors of an RSA modulus should always be chosen to be strong primes. This restriction on the modulus is not helpful in the situation we are ....

R.G.E. Pinch, `On using Carmichael numbers for public key encryption systems', in M. Darnell, editor, Cryptography and coding, 6th IMS conference, Cirencester, Lecture Notes in Computer Science Vol. 1355, Springer-Verlag, 1997, pp. 265--269.

....Therefore, from Theorems 4 and 5, the previous discussion still applies to elliptic curve based cryptosystems and the conclusion of Rivest and Silverman remains valid, i.e. the use of strong primes offers (quasi) no additional security against cycling attacks. However, as remarked by Pinch [21], a user might intentionally choose a weak RSA modulus. Suppose that a user chooses his public RSA modulus n = pq so that a cycling attack is possible. In that case, this user can repudiate a document by asserting that an intruder has discovered by chance (the probability of a cycling attack is ....

R.G.E. Pinch. On using Carmichael numbers for public-key encryption systems. In M. Darnell, editor, Cryptography and Coding, volume 1355 of Lecture Notes in Computer Science, pages 265--269, Springer-Verlag, 1997.

No context found.

R.G.E. Pinch. On using Carmichael numbers for public-key encryption systems. In M. Darnell, editor, Cryptography and Coding, volume 1355 of Lecture Notes in Computer Science, pages 265--269, Springer-Verlag, 1997.

No context found.

R.G.E. Pinch. On using Carmichael numbers for public-key encryption systems. In M. Darnell, editor, Cryptography and Coding, volume 1355 of Lecture Notes in Computer Science, pages 265--269, Springer-Verlag, 1997.

No context found.

R.G.E. Pinch. On using Carmichael numbers for public-key encryption systems. In M. Darnell, editor, Cryptography and Coding, volume 1355 of Lecture Notes in Computer Science, pages 265--269, Springer-Verlag, 1997.

No context found.

R.G.E. Pinch. On using Carmichael numbers for public-key encryption systems. In M. Darnell, editor, Cryptography and Coding, volume 1355 of Lecture Notes in Computer Science, pages 265--269, Springer-Verlag, 1997.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC