2006/08/29 - RSA署名の不味い実装の話らしいで取上げたDaniel Bleichenbacherによる攻撃を拡張したらしい.

参考: T. Izu, T. Shimoyama, and M. Takenaka. "How to Forge a Time-Stamp Which Adobe’s Acrobat Accepts." (IMA CCC 2007)

This paper shows how to forge a time-stamp which the latest version of Adobe’s Acrobat and Acrobat Reader accept improperly. The target signature algorithm is RSASSA-PKCS1-v1_5 with a 1024-bit public composite and the public key e = 3, and our construction is based on Bleichenbacher’s forgery attack presented in CRYPTO 2006. Since the original attack is not able to forge with these parameters, we used an extended attack described in this paper. Numerical examples of the forged signatures and times-stamp are also provided.
Keywords Bleichenbacher’s forgery attack - RSASSA-PKCS-v1_5 - time-stamp forgery - Acrobat - Acrobat Reader