Michael Ray, Yves C. Martin
Proceedings of SPIE - The International Society for Optical Engineering
We describe two different attacks against the ISO/IEC 9796-1 signature standard for RSA and Rabin. Both attacks consist in an existential forgery under a chosen-message attack: the attacker asks for the signature of some messages of his choice, and is then able to produce the signature of a message that was never signed by the legitimate signer. The first attack is a variant of Desmedt and Odlyzko's attack and requires a few hundreds of signatures. The second attack is more powerful and requires only three signatures. © 2007 International Association for Cryptologic Research.
Michael Ray, Yves C. Martin
Proceedings of SPIE - The International Society for Optical Engineering
Nimrod Megiddo
Journal of Symbolic Computation
Timothy J. Wiltshire, Joseph P. Kirk, et al.
SPIE Advanced Lithography 1998
Donald Samuels, Ian Stobert
SPIE Photomask Technology + EUV Lithography 2007