Designs, Codes and Cryptography

, Volume 23, Issue 3, pp 283–290

Lattice Attacks on Digital Signature Schemes


  • N. A. Howgrave-Graham
    • T. J. Watson Research CenterIBM
  • N. P. Smart
    • Department of Computer ScienceBristol University

DOI: 10.1023/A:1011214926272

Cite this article as:
Howgrave-Graham, N.A. & Smart, N.P. Designs, Codes and Cryptography (2001) 23: 283. doi:10.1023/A:1011214926272


We describe a lattice attack on the Digital Signature Algorithm (DSA) when used to sign many messages, mi, under the assumption that a proportion of the bits of each of the associated ephemeral keys, yi, can be recovered by alternative techniques.

digital signatures lattices

Copyright information

© Kluwer Academic Publishers 2001