The insecurity of nyberg–rueppel and other DSA-like signature schemes with partially known nonces

11Citations
Citations of this article
4Readers
Mendeley users who have this article in their library.
Get full text

Abstract

It has recently been proved by Nguyen and Shparlinski that the Digital Signature Algorithm (DSA) is insecure when a few consecutive bits of the random nonces k are known for a reasonably small number of DSA signatures. This result confirmed the efficiency of some heuristic lattice attacks designed and numerically verified by Howgrave-Graham and Smart. Here, we extend the attack to the Nyberg–Rueppel variants of DSA.We use a connection with the hidden number problem introduced by Boneh and Venkatesan and new bounds of exponential sums which might be of independent interest.

Cite

CITATION STYLE

APA

Mahassni, E. E., Nguyen, P. Q., & Shparlinski, I. E. (2001). The insecurity of nyberg–rueppel and other DSA-like signature schemes with partially known nonces. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2146, pp. 97–109). Springer Verlag. https://doi.org/10.1007/3-540-44670-2_9

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free