New lattice attacks on DSA schemes

Abstract: We prove that a system of linear congruences of a particular form has at most a unique solution below a certain bound which can be computed efficiently. Using this result, we develop attacks against the DSA schemes which, under some assumptions, can provide the secret key in the case where one or several signed messages are available.
