Abstract
This paper analyzes the KMOV public key cryptosystem, which is an elliptic curve based analogue of RSA. It was believed that this cryptosystem is more secure against attacks that do not require factoring, such as the Håstad attack in broadcast applications. Some new attacks on KMOV are presented in this paper that show the converse. In particular, it is shown that some attacks on RSA which work only when a small public exponent e is used can be extended to KMOV, but with no restriction on e. The implications of these attacks on related cryptosystems are also discussed.
Copyright information
© 1997 Springer-Verlag
About this paper
Cite this paper
Bleichenbacher, D. (1997). On the security of the KMOV public key cryptosystem. In: Kaliski, B.S. (eds) Advances in Cryptology — CRYPTO '97. CRYPTO 1997. Lecture Notes in Computer Science, vol 1294. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0052239
DOI: https://doi.org/10.1007/BFb0052239
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-63384-6
Online ISBN: 978-3-540-69528-8
eBook Packages: Springer Book Archive