Skip to main content
Conference ProceedingsOPEN ACCESS

A key recovery attack on discrete log-based schemes using a prime order subgroup

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (1997) 1294 249-263
DOI: 10.1007/BFb0052240
132Citations
Citations of this article
65Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Consider the well-known oracle attack: somehow one gets a certain computation result as a function of a secret key from the secret key owner and tries to extract some information on the secret key. This attacking scenario is well understood in the cryptographic community. However, there are many protocols based on the discrete logarithm problem that turn out to leak many of the secret key bits from this oracle attack, unless suitable checkings are carried out. In this paper we present a key recovery attack on various discrete log-based schemes working in a prime order subgroup. Our attack may reveal part of, or the whole secret key in most Diffie-Hellman-type key exchange protocols and some applications of ElGamal encryption and signature schemes.

Cite

CITATION STYLE

APA

Lim, C. H., & Lee, P. J. (1997). A key recovery attack on discrete log-based schemes using a prime order subgroup. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1294, pp. 249–263). Springer Verlag. https://doi.org/10.1007/BFb0052240

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free