Newsgroups: sci.crypt
From: hoey@zogwarg.etl.army.mil (Dan Hoey)
Date: 1 Feb 92 01:42:28 GMT
Subject: Re: Determining RSA private key given blackbox

I believe there is a result that shows RSA to be insecure if you have
the public encryption algorithm and a black box for decrypting chosen
ciphertexts (where you don't get to choose ciphertexts that have been
output as the encryption of secret messages, of course).  My
recollection is that it appeared at the Foundations of Computer
Science conference in 1982 or 1983, the one in Chicago.
Unfortunately, I didn't understand it then, and I haven't figured it
out since, and I can't locate the proceedings just now.  I'm sure it
was a much harder method than the one b...@CS.CMU.EDU (Bennet Yee)
posted, which seems to be flawed.  It was probably a randomized
attack, and had something to do with navigating sawtoothed functions.
If someone knows about the paper, like whether it has been refuted or
improved, I'd appreciate it if you'd drop me a line.

Dan Hoey
Hoey@AIC.NRL.Navy.Mil