Minding your p's and q's

Conference paper, in: Advances in Cryptology — ASIACRYPT '96 (ASIACRYPT 1996)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1163))

Abstract

Over the last year or two, a large number of attacks have been found by the authors and others on protocols based on the discrete logarithm problem, such as ElGamal signatures and Diffie-Hellman key exchange. These attacks depend on causing variables to assume values whose discrete logarithms can be calculated, whether by forcing a protocol exchange into a smooth subgroup or by choosing degenerate values directly. We survey these attacks and discuss how to build systems that are robust against them. In the process we elucidate a number of the design decisions behind the US Digital Signature Standard.

Laboratoire d'Informatique, research group affiliated with the CNRS.
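The abstract describes the two ways an attacker drives a discrete-log protocol variable to a value whose logarithm is cheap: confining the exchange to a smooth subgroup, or sending a degenerate value outright. The following is an added example, not code from the paper or from any standard, that works both through on a toy Diffie-Hellman exchange over Z_p^*. It constructs its own parameters (p = k·q + 1 with a deliberately smooth cofactor k, q = 1009, and a secret exponent of 777; all assumptions made here for illustration), shows an attacker sending an element of small prime order r so that the responder's shared key depends only on his secret modulo r, combines the leaks by CRT, and then shows the subgroup-membership check (y^q ≡ 1 mod p, with 1 < y < p - 1) that rejects both confined and degenerate values. The key-confirmation oracle stands in for whatever lets a real attacker test a guessed key.

```python
# Added example, not code from the paper: a small-subgroup confinement attack on
# Diffie-Hellman over Z_p^* whose parameters are not validated, and the
# subgroup-membership check that defeats it. The prime q = 1009, the small
# cofactor primes and the secret exponent are constructed here for illustration.
from functools import reduce


def is_prime(n):
    """Deterministic trial division; adequate for the toy sizes used here."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    i = 3
    while i * i <= n:
        if n % i == 0:
            return False
        i += 2
    return True


def make_params(q, cofactor_primes):
    """Build p = k*q + 1 with k divisible by every prime in cofactor_primes
    (a deliberately smooth cofactor) and a generator g of the order-q subgroup.
    Returns (p, q, g)."""
    base = reduce(lambda a, r: a * r, cofactor_primes, 1)
    m = 1
    while not is_prime(base * m * q + 1):
        m += 1
    k = base * m
    p = k * q + 1
    for h in range(2, p):
        g = pow(h, k, p)  # h^k has order dividing the prime q: order q unless it is 1
        if g != 1:
            return p, q, g
    raise ValueError("no generator found")


def element_of_order(p, r):
    """Return an element of prime order r in Z_p^* (requires r | p-1)."""
    assert (p - 1) % r == 0
    for x in range(2, p):
        h = pow(x, (p - 1) // r, p)
        if h != 1:
            return h
    raise ValueError("no element of that order")


def unvalidated_responder(p, b):
    """Bob with no check on the peer's value: he raises whatever he is sent to b.
    Returns a key-confirmation oracle: the attacker can test a guessed key."""
    def confirms(peer_value, guessed_key):
        return pow(peer_value, b, p) == guessed_key
    return confirms


def confine_and_recover(p, r, confirms):
    """Send an order-r element h. Bob's key h^b lies in the r-element subgroup
    and depends only on b mod r, so at most r guesses reveal it."""
    h = element_of_order(p, r)
    for candidate in range(r):
        if confirms(h, pow(h, candidate, p)):
            return candidate
    raise RuntimeError("oracle never confirmed")


def crt(residues, moduli):
    """Combine b mod r_i for pairwise coprime r_i into b mod prod(r_i)."""
    total, prod = 0, 1
    for a, m in zip(residues, moduli):
        inv = pow(prod, -1, m)
        total += prod * ((a - total) * inv % m)
        prod *= m
    return total % prod


def recover_secret(p, cofactor_primes, confirms):
    """Run the confinement attack once per known small prime factor of p-1, then CRT."""
    residues = [confine_and_recover(p, r, confirms) for r in cofactor_primes]
    return crt(residues, cofactor_primes)


def validate_peer_value(p, q, y):
    """Accept y only as a non-identity element of the order-q subgroup. This
    rejects 0, 1 and p-1 as well as every element confined to a smooth subgroup."""
    if not 1 < y < p - 1:
        return False
    return pow(y, q, p) == 1


if __name__ == "__main__":
    # Constructed toy parameters: the cofactor primes' product (2310) exceeds q,
    # so the leak of b mod 2310 is all of b.
    COFACTOR_PRIMES = [2, 3, 5, 7, 11]
    p, q, g = make_params(1009, COFACTOR_PRIMES)
    b = 777  # Bob's secret exponent (constructed)
    confirms = unvalidated_responder(p, b)
    print("recovered b =", recover_secret(p, COFACTOR_PRIMES, confirms))
    print("honest value accepted:", validate_peer_value(p, q, pow(g, b, p)))
    print("order-7 element rejected:", validate_peer_value(p, q, element_of_order(p, 7)))
```

The check is cheap (one exponentiation by q) and is the reason a DSA-style parameter set carries q explicitly: without q the responder cannot tell an honest subgroup element from one the attacker has confined. Choosing p so that (p-1)/q has no small factors beyond 2 removes the leak at the source, but the membership test is still the right defence when parameters come from the peer.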

References

  1. RJ Anderson, "Practical RSA Trapdoor", Electronics Letters v 29 no 11 (27 May 1993) p 995
  2. RJ Anderson, "Why Cryptosystems Fail", Communications of the ACM v 37 no 11 (Nov 1994) pp 32–40
  3. RJ Anderson, SJ Bezuidenhoudt, "On the Reliability of Electronic Payment Systems", IEEE Transactions on Software Engineering v 22 no 5 (May 1996) pp 294–301
  4. RJ Anderson, TMA Lomas, "On fortifying key negotiation schemes with poorly chosen passwords", Electronics Letters v 30 no 12 (23rd July 1994) pp 1040–1041
  5. RJ Anderson, RM Needham, "Robustness principles for public key protocols", Advances in Cryptology — CRYPTO '95, Springer LNCS v 963 pp 236–247
  6. R Anderson, S Vaudenay, B Preneel, K Nyberg, "The Newton Channel", Preproceedings of the First International Workshop on Information Hiding (30 May to 1 June 1996, Cambridge, UK) pp 143–148; proceedings to be published in the Springer LNCS series
  7. D Bleichenbacher, "Generating ElGamal Signatures Without Knowing the Secret Key", Advances in Cryptology — Eurocrypt 96, Springer LNCS v 1070 pp 10–18
  8. D Bleichenbacher, "Efficiency and Security of Cryptosystems based on Number Theory", Dissertation ETH No. 11404, Swiss Federal Institute of Technology, Zürich (1996)
  9. "Securing Electronic Mail within HMG — part 1: Infrastructure and Protocol", 21 March 1996, CESG document T/3113TL/2776/11
  10. B Chor, RL Rivest, "A knapsack-type public key cryptosystem based on arithmetic in finite fields", IEEE Transactions on Information Theory v 34 (1988) pp 901–909
  11. Y Desmedt, P Landrock, A Lenstra, K McCurley, A Odlyzko, R Rueppel, M Smid, "The Eurocrypt 92 Controversial Issue — Trapdoor Primes and Moduli", Advances in Cryptology — Eurocrypt 92, Springer LNCS v 658 pp 194–199
  12. W Diffie, PC van Oorschot, MJ Wiener, "Authentication and authenticated key exchanges", Designs, Codes and Cryptography v 2 (1992) pp 107–125
  13. T ElGamal, "A Public Key Cryptosystem and a Signature Scheme based on Discrete Logarithms", IEEE Transactions on Information Theory v 31 no 4 (1985) pp 469–472
  14. A Fiat, A Shamir, "How to prove yourself: practical solutions to identification and signature problems", Advances in Cryptology — CRYPTO 86, Springer LNCS v 263 pp 186–194
  15. FH Hinsley, A Stripp, "Codebreakers", OUP 1993
  16. A Joux, J Stern, "Lattice Reduction: a Toolbox for the Cryptanalyst", to appear in Journal of Cryptology
  17. N Jefferies, C Mitchell, M Walker, "A Proposed Architecture for Trusted Third Party Services", Cryptography: Policy and Algorithms, Springer LNCS v 1029 pp 98–104
  18. M Just, S Vaudenay, "Authenticated multi-party key agreement", in these proceedings
  19. HW Lenstra, Jr., "On the Chor-Rivest Knapsack Cryptosystem", Journal of Cryptology v 3 (1991) pp 149–155
  20. L Letham, D Hoff, A Folmsbee, "A 128K EPROM Using Encryption of Pseudorandom Numbers to Enable Read Access", IEEE Journal of Solid State Circuits v SC-21 (Oct 1986) pp 881–888
  21. T Matsumoto, Y Takashima, H Imai, "On Seeking Smart Public-Key-Distribution Systems", Transactions of the IECE of Japan (1986) pp 99–106
  22. D Naccache, "Signature Numérique et Preuves à Divulgation Nulle, Cryptanalyse, Défense et Outils Algorithmiques" (Digital Signature and Zero-Knowledge Proofs: Cryptanalysis, Defence and Algorithmic Tools), Thèse de Doctorat de l'Ecole Nationale Supérieure des Télécommunications, ENST 95 E 019 (1995)
  23. National Institute of Standards and Technology, "Digital Signature Standard", FIPS Publication 186 (19 May 1994)
  24. D Naccache, J Stern, "A new public-key encryption scheme", presented at Luminy, September 1995
  25. D Pointcheval, J Stern, "Security proofs for signature schemes", Advances in Cryptology — Eurocrypt 96, Springer LNCS v 1070 pp 387–398
  26. CP Schnorr, "Efficient identification and signature for smart cards", Advances in Cryptology — CRYPTO 89, Springer LNCS v 435 pp 239–252
  27. CP Schnorr, "Efficient signature generation by smart cards", Journal of Cryptology v 4 (1991) pp 161–174
  28. CP Schnorr, HH Hörner, "Attacking the Chor-Rivest Cryptosystem by improved lattice reduction", Advances in Cryptology — Eurocrypt 95, Springer LNCS v 921 pp 1–12
  29. R Schroeppel, H Orman, S O'Malley, O Spatschek, "Fast Key Exchange with Elliptic Curve Systems", Advances in Cryptology — Crypto 95, Springer LNCS v 963 pp 43–56
  30. S Vaudenay, "Hidden collisions on DSS", Advances in Cryptology — CRYPTO '96, Springer LNCS v 1109 pp 83–88
  31. PC van Oorschot, MJ Wiener, "On Diffie-Hellman key agreement with short exponents", Advances in Cryptology — Eurocrypt 96, Springer LNCS v 1070 pp 332–343

Editors: Kwangjo Kim, Tsutomu Matsumoto

Copyright information

© 1996 Springer-Verlag

About this paper

Cite this paper

Anderson, R., Vaudenay, S. (1996). Minding your p's and q's. In: Kim, K., Matsumoto, T. (eds) Advances in Cryptology — ASIACRYPT '96. ASIACRYPT 1996. Lecture Notes in Computer Science, vol 1163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0034832

  • DOI: https://doi.org/10.1007/BFb0034832

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-61872-0

  • Online ISBN: 978-3-540-70707-3
