A key recovery attack on discrete log-based schemes using a prime order subgroup
Consider the well-known oracle attack: somehow one gets a certain computation result as a function of a secret key from the secret key owner and tries to extract some information on the secret key. This attacking scenario is well understood in the cryptographic community. However, there are many pro...
Main authors: | , |
---|---|
Format: | Book chapter |
Language: | eng |
Subjects: | |
Online access: | Full text |
container_end_page | 263 |
---|---|
container_issue | |
container_start_page | 249 |
container_title | |
container_volume | |
creator | Lim, Chae Hoon ; Lee, Pil Joong |
description | Consider the well-known oracle attack: somehow one gets a certain computation result as a function of a secret key from the secret key owner and tries to extract some information on the secret key. This attacking scenario is well understood in the cryptographic community. However, there are many protocols based on the discrete logarithm problem that turn out to leak many of the secret key bits from this oracle attack, unless suitable checkings are carried out. In this paper we present a key recovery attack on various discrete log-based schemes working in a prime order subgroup. Our attack may reveal part of, or the whole secret key in most Diffie-Hellman-type key exchange protocols and some applications of ElGamal encryption and signature schemes. |
doi_str_mv | 10.1007/BFb0052240 |
format | Book Chapter |
fulltext | fulltext |
identifier | ISSN: 0302-9743 |
ispartof | Advances in Cryptology — CRYPTO '97, 1997, p.249-263 |
issn | 0302-9743 1611-3349 |
language | eng |
recordid | cdi_pascalfrancis_primary_2734195 |
source | Springer Books |
subjects | Applied sciences ; Computer science; control theory; systems ; Cryptography ; Exact sciences and technology ; Information, signal and communications theory ; Miscellaneous ; Signal and communications theory ; Telecommunications and information theory ; Theoretical computing |
title | A key recovery attack on discrete log-based schemes using a prime order subgroup |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-02T17%3A57%3A06IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-pascalfrancis_sprin&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=bookitem&rft.atitle=A%20key%20recovery%20attack%20on%20discrete%20log-based%20schemes%20using%20a%20prime%20order%20subgroup&rft.btitle=Advances%20in%20Cryptology%20%E2%80%94%20CRYPTO%20'97&rft.au=Lim,%20Chae%20Hoon&rft.date=1997-01-01&rft.spage=249&rft.epage=263&rft.pages=249-263&rft.issn=0302-9743&rft.eissn=1611-3349&rft.isbn=3540633847&rft.isbn_list=9783540633846&rft_id=info:doi/10.1007/BFb0052240&rft_dat=%3Cpascalfrancis_sprin%3E2734195%3C/pascalfrancis_sprin%3E%3Curl%3E%3C/url%3E&rft.eisbn=9783540695288&rft.eisbn_list=3540695281&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |