International Conference on the Theory and Applications of Cryptographic Techniques

Advances in Cryptology — EUROCRYPT 2003, pp. 462–476
On the Security of RDSA

  • Pierre-Alain Fouque and Guillaume Poupard (DCSSI Crypto Lab, Paris)
  • Conference paper
  • First Online: 01 January 2003
Part of the Lecture Notes in Computer Science book series (LNCS,volume 2656)

Abstract

A variant of Schnorr’s signature scheme called RDSA has been proposed by I. Biehl, J. Buchmann, S. Hamdy and A. Meyer in order to be used in finite abelian groups of unknown order such as the class group of imaginary quadratic orders. We describe in this paper a total break of RDSA under a plain known-message attack for the parameters that were originally proposed. It recovers the secret signature key from the knowledge of less than 10 signatures of known messages, with a very low computational complexity.

We also compare a repaired version of RDSA with the GPS scheme, another Schnorr variant with similar properties, and we show that GPS should be preferred for most applications.

Keywords

  • Signature scheme
  • cryptanalysis
  • DSA variant
  • known-message attack
  • lattice reduction
  • GPS

References

  1. I. Biehl, J. Buchmann, S. Hamdy, and A. Meyer. A Signature Scheme Based on the Intractability of Computing Roots. Designs, Codes and Cryptography, 25(3):223–236, March 2002.

  2. J. Buchmann and S. Hamdy. A Survey on IQ Cryptography. In Public-Key Cryptography and Computational Number Theory, pages 1–15. Walter de Gruyter, 2001.

  3. A. Fiat and A. Shamir. How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In Advances in Cryptology — proceedings of CRYPTO '86, Lecture Notes in Computer Science volume 263, pages 186–194. Springer-Verlag, 1987.

  4. M. Girault. Self-Certified Public Keys. In Advances in Cryptology — proceedings of EUROCRYPT '91, Lecture Notes in Computer Science volume 547, pages 490–497. Springer-Verlag, 1992.

  5. N. Howgrave-Graham and N. P. Smart. Lattice Attacks on Digital Signature Schemes. Designs, Codes and Cryptography, 23:283–290, 2001.

  6. A. Joux and J. Stern. Lattice Reduction: A Toolbox for the Cryptanalyst. Journal of Cryptology, 11(3):161–185, 1998.

  7. A. K. Lenstra, H. W. Lenstra, Jr., and L. Lovász. Factoring Polynomials with Rational Coefficients. Mathematische Annalen, 261, 1982.

  8. P. Q. Nguyen and I. E. Shparlinski. The Insecurity of the Digital Signature Algorithm with Partially Known Nonces. Journal of Cryptology, 15(3):151–176, 2002.

  9. NIST. Digital Signature Standard (DSS). Federal Information Processing Standards Publication 186-2, February 2000.

  10. D. Pointcheval and J. Stern. Security Arguments for Digital Signatures and Blind Signatures. Journal of Cryptology, 13(3):361–396, 2000.

  11. J. M. Pollard. Monte Carlo Methods for Index Computation (mod p). Mathematics of Computation, 32(143):918–924, July 1978.

  12. G. Poupard and J. Stern. Security Analysis of a Practical "on the fly" Authentication and Signature Generation. In Advances in Cryptology — proceedings of EUROCRYPT '98, Lecture Notes in Computer Science volume 1403, pages 422–436. Springer-Verlag, 1998.

  13. C. P. Schnorr. Efficient Identification and Signatures for Smart Cards. In Advances in Cryptology — proceedings of CRYPTO '89, Lecture Notes in Computer Science volume 435, pages 235–251. Springer-Verlag, 1990.

  14. C. P. Schnorr. Efficient Signature Generation by Smart Cards. Journal of Cryptology, 4(3):161–174, 1991.

  15. V. Shoup. Lower Bounds for Discrete Logarithms and Related Problems. In Advances in Cryptology — proceedings of EUROCRYPT '97, Lecture Notes in Computer Science volume 1233, pages 256–266. Springer-Verlag, 1997.

  16. P. C. van Oorschot and M. J. Wiener. On Diffie-Hellman Key Agreement with Short Exponents. In Advances in Cryptology — proceedings of EUROCRYPT '96, Lecture Notes in Computer Science volume 1070, pages 332–343. Springer-Verlag, 1996.

Author information

Authors and Affiliations

  1. Pierre-Alain Fouque and Guillaume Poupard: DCSSI Crypto Lab, 51 Boulevard de La Tour-Maubourg, 75700 Paris 07 SP, France

Editor information

Editors and Affiliations

  1. Computer Science Department, Technion — Israel Institute of Technology, Haifa, 32000, Israel

    Eli Biham

Copyright information

© 2003 International Association for Cryptologic Research

About this paper

Cite this paper

Fouque, PA., Poupard, G. (2003). On the Security of RDSA. In: Biham, E. (eds) Advances in Cryptology — EUROCRYPT 2003. EUROCRYPT 2003. Lecture Notes in Computer Science, vol 2656. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-39200-9_29

  • Published: 13 May 2003

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-14039-9

  • Online ISBN: 978-3-540-39200-2
