Cryptology ePrint Archive: Report 2009/315

Breaking RSA-based PIN Encryption with thirty ciphertext validity queries

N.P. Smart

Abstract: We show that one can recover the PIN from a standardised RSA-based PIN encryption algorithm from a small number of queries to a ciphertext validity checking oracle. The validity checking oracle required is rather special and we discuss whether such oracles could be obtained in the real world. Our method works using a minor extension to the ideas of Bleichenbacher and Manger, in particular we obtain information from negative, as well as positive, responses from the validity checking oracle.

Category / Keywords:

Date: received 27 Jun 2009

Contact author: nigel at cs bris ac uk

Available formats: PDF | BibTeX Citation

Version: 20090701:100250 (All versions of this report)

Discussion forum: Show discussion | Start new discussion