0Pricing
Cryptology Academy · Lesson

Textbook RSA & Why It Is Insecure

Demonstrate malleability, small-exponent attacks, and e=3 vulnerabilities.

Welcome

Textbook RSA (raw modular exponentiation) has multiple critical vulnerabilities. In this lesson we explore each attack and understand why padding is not optional.

Determinism Attack

Textbook RSA is deterministic: Enc(M) always produces the same C. An attacker can encrypt candidate messages and compare with the target ciphertext. Breaks confidentiality of small message spaces.

All lessons in this course

  1. Textbook RSA & Why It Is Insecure
  2. PKCS#1 v1.5 Padding & Bleichenbacher
  3. OAEP: Optimal Asymmetric Encryption Padding
  4. RSA-PSS for Digital Signatures
← Back to Cryptology Academy