The insecurity of Nyberg-Rueppel and other DSA-like Signature schemes with partially known nonces
Internal identifier: 00BB47 (Main/Exploration); previous: 00BB46; next: 00BB48
Authors: Edwin El Mahassni [Australia]; Phong Q. Nguyen [France]; Igor E. Shparlinski [Australia]
Source:
- Lecture notes in computer science [0302-9743]; 2001.
French descriptors
- Pascal (Inist): Cryptographie; Signature numérique; Problème nombre caché; Problème vecteur le plus proche; Somme exponentielle
- Wicri:
- topic: Cryptographie.
English descriptors
- KwdEn: Closest vector problem; Cryptography; Digital signature; Exponential sum; Hidden number problem
Abstract
It has recently been proved by Nguyen and Shparlinski that the Digital Signature Algorithm (DSA) is insecure when a few consecutive bits of the random nonces k are known for a reasonably small number of DSA signatures. This result confirmed the efficiency of some heuristic lattice attacks designed and numerically verified by Howgrave-Graham and Smart. Here, we extend the attack to the Nyberg-Rueppel variants of DSA. We use a connection with the hidden number problem introduced by Boneh and Venkatesan and new bounds of exponential sums which might be of independent interest.
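The attack the abstract describes has a simple algebraic core, shown here as an added, self-contained example (this is not code from the paper and uses toy parameters, not the paper's bounds). From the DSA signing equation s ≡ k⁻¹(h + x·r) (mod q) one gets k ≡ x·(r/s) + h/s (mod q); if the top l bits of k are known, the remainder k' is smaller than q/2^l, so each signature yields a hidden-number-problem relation x·t_i − u_i ≡ (small) (mod q) with t_i = r_i/s_i. Collecting n such relations into a weighted lattice and running LLL finds the vector that encodes x. The example assumes: a 32-bit q (far too small to be DSA, but small enough for an exact rational LLL in pure Python; at real sizes use fplll or Sage), a leak model in which the top `leaked_bits` bits of every nonce are known, and Python 3.8+ for `pow(s, -1, q)`. Only the `(t_i, u_i)` construction in `recover_key` is DSA-specific: any scheme whose signing equation is linear in k and x, which includes the Nyberg-Rueppel variants the paper treats, reduces to the same HNP and the same lattice step, so the solver part carries over unchanged once the corresponding t_i and u_i are derived.

```python
import random
from fractions import Fraction

# Added toy (not the paper's code): DSA with 32-bit q, a simulated leak of the top bits of
# every nonce, the reduction to a hidden number problem (HNP), and a pure-Python LLL that
# recovers the private key. Real-size groups need fplll/Sage rather than this LLL.

def is_prime(n):
    """Deterministic Miller-Rabin, correct for n < 3.3e24 (more than enough here)."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2 or any(n % b == 0 for b in bases):
        return n in bases
    s = ((n - 1) & (1 - n)).bit_length() - 1     # n - 1 = 2^s * d with d odd
    d = (n - 1) >> s
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_params(rng, qbits=32, pbits=52):
    """Toy DSA domain parameters: prime q, prime p = 2*m*q + 1, g of order q modulo p."""
    q = next(c for c in iter(lambda: rng.getrandbits(qbits) | (1 << (qbits - 1)) | 1, 0) if is_prime(c))
    p = next(c for c in iter(lambda: 2 * q * (rng.getrandbits(pbits - qbits - 1) + 1) + 1, 0) if is_prime(c))
    g = next(c for c in (pow(h, (p - 1) // q, p) for h in range(2, p)) if c != 1)
    return p, q, g

def dsa_sign(p, q, g, x, h, rng):
    while True:
        k = rng.randrange(1, q)
        r = pow(g, k, p) % q
        s = pow(k, -1, q) * (h + x * r) % q
        if r and s:
            return r, s, k                       # k is returned only to simulate the leak

def lll_reduce(basis, delta=Fraction(99, 100)):
    """Textbook LLL with exact rational Gram-Schmidt (fine for dimension ~10)."""
    b, n = [list(row) for row in basis], len(basis)
    dot = lambda u, v: sum(i * j for i, j in zip(u, v))
    bstar, mu = [], [[Fraction(0)] * n for _ in range(n)]
    def gram_schmidt(start):                     # recompute b*_i and mu_ij for i >= start
        del bstar[start:]
        for i in range(start, n):
            v = [Fraction(c) for c in b[i]]
            for j in range(i):
                mu[i][j] = dot(b[i], bstar[j]) / dot(bstar[j], bstar[j])
                v = [vi - mu[i][j] * wj for vi, wj in zip(v, bstar[j])]
            bstar.append(v)
    gram_schmidt(0)
    k = 1
    while k < n:
        for j in range(k - 1, -1, -1):           # size-reduce b_k by b_j; b*_k is unchanged
            r = round(mu[k][j])
            if r:
                b[k] = [c - r * d for c, d in zip(b[k], b[j])]
                for i in range(j):
                    mu[k][i] -= r * mu[j][i]
                mu[k][j] -= r
        if dot(bstar[k], bstar[k]) >= (delta - mu[k][k - 1] ** 2) * dot(bstar[k - 1], bstar[k - 1]):
            k += 1                               # Lovasz condition holds, move on
        else:
            b[k], b[k - 1] = b[k - 1], b[k]
            gram_schmidt(k - 1)
            k = max(k - 1, 1)
    return b

def recover_key(p, q, g, y, sigs, leaked_msbs, l):
    """sigs = [(h, r, s)], leaked_msbs[i] = top l bits of nonce k_i.  DSA gives k_i = x*t_i + h_i/s_i
    (mod q) with t_i = r_i/s_i; with k_i = a_i*2^(L-l) + k'_i, the value x*t_i - u_i mod q is small."""
    shift, n = q.bit_length() - l, len(sigs)
    half = 1 << (shift - 1)                      # centre k'_i: |x*t_i - u_i mod q| <= half
    scale = 1 << (l + 1)                         # weight so the n small coordinates are ~q
    sinv = [pow(s, -1, q) for _, _, s in sigs]
    ts = [r * si % q for (_, r, _), si in zip(sigs, sinv)]
    us = [((a << shift) - h * si + half) % q for (h, _, _), si, a in zip(sigs, sinv, leaked_msbs)]
    rows = [[q * scale if j == i else 0 for j in range(n + 2)] for i in range(n)]
    rows.append([scale * t for t in ts] + [1, 0])   # coefficient x on this row appears as x
    rows.append([scale * u for u in us] + [0, q])   # coefficient -1 on this row marks the target
    for row in lll_reduce(rows):
        if abs(row[-1]) == q:                    # target (scale*(k'_i - half) ..., x, -q) or its negative
            cand = (row[-2] if row[-1] == -q else -row[-2]) % q
            if pow(g, cand, p) == y:             # confirm against the public key
                return cand
    return None

def demo(seed=7, n_sigs=8, leaked_bits=12):
    rng = random.Random(seed)
    p, q, g = gen_params(rng)
    x = rng.randrange(1, q)
    y = pow(g, x, p)
    sigs = [(h,) + dsa_sign(p, q, g, x, h, rng) for h in (rng.randrange(1, q) for _ in range(n_sigs))]
    leaks = [k >> (q.bit_length() - leaked_bits) for _, _, _, k in sigs]
    return recover_key(p, q, g, y, [t[:3] for t in sigs], leaks, leaked_bits) == x
```

`demo()` generates a key, signs eight messages, leaks the top 12 bits of each nonce and returns True when `recover_key` reproduces the private key from the public key, the signatures and the leaked bits alone. The lattice has one row per signature plus a row carrying the t_i (whose coefficient in the short vector is x) and a row carrying the u_i (whose coefficient must be −1, which is why the last coordinate ±q identifies the target); the `scale` weight makes the n "small" coordinates comparable to q so that LLL treats them evenly. The toy succeeds because n·l is comfortably larger than log₂ q; how few bits per signature suffice at real DSA sizes, and with what number of signatures, is exactly what the paper's bounds address, and this example makes no claim about those numbers.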
Affiliations:
- Edwin El Mahassni, Igor E. Shparlinski: Department of Computing, Macquarie University, NSW 2109, Australia
- Phong Q. Nguyen: École Normale Supérieure, Département d'Informatique, 45 rue d'Ulm, 75005 Paris, France
The document in XML format
<record><TEI><teiHeader><fileDesc><titleStmt><title xml:lang="en" level="a">The insecurity of Nyberg-Rueppel and other DSA-like Signature schemes with partially known nonces</title>
<author><name sortKey="El Mahassni, Edwin" sort="El Mahassni, Edwin" uniqKey="El Mahassni E" first="Edwin" last="El Mahassni">Edwin El Mahassni</name>
<affiliation wicri:level="1"><inist:fA14 i1="01"><s1>Department of Computing, Macquarie University</s1>
<s2>NSW 2109</s2>
<s3>AUS</s3>
<sZ>1 aut.</sZ>
<sZ>3 aut.</sZ>
</inist:fA14>
<country>Australie</country>
<wicri:noRegion>NSW 2109</wicri:noRegion>
</affiliation>
</author>
<author><name sortKey="Nguyen, Phong Q" sort="Nguyen, Phong Q" uniqKey="Nguyen P" first="Phong Q." last="Nguyen">Phong Q. Nguyen</name>
<affiliation wicri:level="1"><inist:fA14 i1="02"><s1>École Normale Supérieure, Département d'Informatique 45 rue d'Ulm</s1>
<s2>75005 Paris</s2>
<s3>FRA</s3>
<sZ>2 aut.</sZ>
</inist:fA14>
<country>France</country>
<wicri:noRegion>75005 Paris</wicri:noRegion>
<placeName><settlement type="city">Paris</settlement>
<region type="région" nuts="2">Île-de-France</region>
</placeName>
</affiliation>
</author>
<author><name sortKey="Shparlinski, Igor E" sort="Shparlinski, Igor E" uniqKey="Shparlinski I" first="Igor E." last="Shparlinski">Igor E. Shparlinski</name>
<affiliation wicri:level="1"><inist:fA14 i1="01"><s1>Department of Computing, Macquarie University</s1>
<s2>NSW 2109</s2>
<s3>AUS</s3>
<sZ>1 aut.</sZ>
<sZ>3 aut.</sZ>
</inist:fA14>
<country>Australie</country>
<wicri:noRegion>NSW 2109</wicri:noRegion>
</affiliation>
</author>
</titleStmt>
<publicationStmt><idno type="wicri:source">INIST</idno>
<idno type="inist">01-0424509</idno>
<date when="2001">2001</date>
<idno type="stanalyst">PASCAL 01-0424509 INIST</idno>
<idno type="RBID">Pascal:01-0424509</idno>
<idno type="wicri:Area/PascalFrancis/Corpus">005B06</idno>
<idno type="wicri:Area/PascalFrancis/Curation">000651</idno>
<idno type="wicri:Area/PascalFrancis/Checkpoint">005654</idno>
<idno type="wicri:explorRef" wicri:stream="PascalFrancis" wicri:step="Checkpoint">005654</idno>
<idno type="wicri:doubleKey">0302-9743:2001:El Mahassni E:the:insecurity:of</idno>
<idno type="wicri:Area/Main/Merge">00C999</idno>
<idno type="wicri:Area/Main/Curation">00BB47</idno>
<idno type="wicri:Area/Main/Exploration">00BB47</idno>
</publicationStmt>
<sourceDesc><biblStruct><analytic><title xml:lang="en" level="a">The insecurity of Nyberg-Rueppel and other DSA-like Signature schemes with partially known nonces</title>
<author><name sortKey="El Mahassni, Edwin" sort="El Mahassni, Edwin" uniqKey="El Mahassni E" first="Edwin" last="El Mahassni">Edwin El Mahassni</name>
<affiliation wicri:level="1"><inist:fA14 i1="01"><s1>Department of Computing, Macquarie University</s1>
<s2>NSW 2109</s2>
<s3>AUS</s3>
<sZ>1 aut.</sZ>
<sZ>3 aut.</sZ>
</inist:fA14>
<country>Australie</country>
<wicri:noRegion>NSW 2109</wicri:noRegion>
</affiliation>
</author>
<author><name sortKey="Nguyen, Phong Q" sort="Nguyen, Phong Q" uniqKey="Nguyen P" first="Phong Q." last="Nguyen">Phong Q. Nguyen</name>
<affiliation wicri:level="1"><inist:fA14 i1="02"><s1>École Normale Supérieure, Département d'Informatique 45 rue d'Ulm</s1>
<s2>75005 Paris</s2>
<s3>FRA</s3>
<sZ>2 aut.</sZ>
</inist:fA14>
<country>France</country>
<wicri:noRegion>75005 Paris</wicri:noRegion>
<placeName><settlement type="city">Paris</settlement>
<region type="région" nuts="2">Île-de-France</region>
</placeName>
</affiliation>
</author>
<author><name sortKey="Shparlinski, Igor E" sort="Shparlinski, Igor E" uniqKey="Shparlinski I" first="Igor E." last="Shparlinski">Igor E. Shparlinski</name>
<affiliation wicri:level="1"><inist:fA14 i1="01"><s1>Department of Computing, Macquarie University</s1>
<s2>NSW 2109</s2>
<s3>AUS</s3>
<sZ>1 aut.</sZ>
<sZ>3 aut.</sZ>
</inist:fA14>
<country>Australie</country>
<wicri:noRegion>NSW 2109</wicri:noRegion>
</affiliation>
</author>
</analytic>
<series><title level="j" type="main">Lecture notes in computer science</title>
<idno type="ISSN">0302-9743</idno>
<imprint><date when="2001">2001</date>
</imprint>
</series>
</biblStruct>
</sourceDesc>
<seriesStmt><title level="j" type="main">Lecture notes in computer science</title>
<idno type="ISSN">0302-9743</idno>
</seriesStmt>
</fileDesc>
<profileDesc><textClass><keywords scheme="KwdEn" xml:lang="en"><term>Closest vector problem</term>
<term>Cryptography</term>
<term>Digital signature</term>
<term>Exponential sum</term>
<term>Hidden number problem</term>
</keywords>
<keywords scheme="Pascal" xml:lang="fr"><term>Cryptographie</term>
<term>Signature numérique</term>
<term>Problème nombre caché</term>
<term>Problème vecteur le plus proche</term>
<term>Somme exponentielle</term>
</keywords>
<keywords scheme="Wicri" type="topic" xml:lang="fr"><term>Cryptographie</term>
</keywords>
</textClass>
</profileDesc>
</teiHeader>
<front><div type="abstract" xml:lang="en">It has recently been proved by Nguyen and Shparlinski that the Digital Signature Algorithm (DSA) is insecure when a few consecutive bits of the random nonces k are known for a reasonably small number of DSA signatures. This result confirmed the efficiency of some heuristic lattice attacks designed and numerically verified by Howgrave-Graham and Smart. Here, we extend the attack to the Nyberg-Rueppel variants of DSA. We use a connection with the hidden number problem introduced by Boneh and Venkatesan and new bounds of exponential sums which might be of independent interest.</div>
</front>
</TEI>
<affiliations><list><country><li>Australie</li>
<li>France</li>
</country>
<region><li>Île-de-France</li>
</region>
<settlement><li>Paris</li>
</settlement>
</list>
<tree><country name="Australie"><noRegion><name sortKey="El Mahassni, Edwin" sort="El Mahassni, Edwin" uniqKey="El Mahassni E" first="Edwin" last="El Mahassni">Edwin El Mahassni</name>
</noRegion>
<name sortKey="Shparlinski, Igor E" sort="Shparlinski, Igor E" uniqKey="Shparlinski I" first="Igor E." last="Shparlinski">Igor E. Shparlinski</name>
</country>
<country name="France"><region name="Île-de-France"><name sortKey="Nguyen, Phong Q" sort="Nguyen, Phong Q" uniqKey="Nguyen P" first="Phong Q." last="Nguyen">Phong Q. Nguyen</name>
</region>
</country>
</tree>
</affiliations>
</record>
To manipulate this document under Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Asie/explor/AustralieFrV1/Data/Main/Exploration
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 00BB47 | SxmlIndent | more
Or
HfdSelect -h $EXPLOR_AREA/Data/Main/Exploration/biblio.hfd -nk 00BB47 | SxmlIndent | more
To link to this page from within the Wicri network
{{Explor lien |wiki= Wicri/Asie |area= AustralieFrV1 |flux= Main |étape= Exploration |type= RBID |clé= Pascal:01-0424509 |texte= The insecurity of Nyberg-Rueppel and other DSA-like Signature schemes with partially known nonces }}
This area was generated with Dilib version V0.6.33.