We present some observations on public-key cryptosystems that use the Chine
se remaindering algorithm. Our results imply that careless implementations
of such systems could be vulnerable. Only one faulty signature, in some exp
lained context, is enough to recover the secret key.