Errors Matter: Breaking RSA-Based PIN Encryption with Thirty Ciphertext Validity QueriesNigel Smart, Errors Matter: Breaking RSA-Based PIN Encryption with Thirty Ciphertext Validity Queries . Topics in Cryptology - CT-RSA 2010. ISBN 978-3-642-11924-8, pp. 15–25. March 2010. No electronic version available. External information
We show that one can recover the PIN from a standardized RSA-based PIN encryption algorithm from a small number of queries to a ciphertext validity checking oracle. The validity checking oracle required is rather special and we discuss whether such oracles could be obtained in the real world. Our method works using a minor extension to the ideas of Bleichenbacher and Manger, in particular we obtain information from negative, as well as positive, responses from the validity checking oracle.