On some issues affecting the security of RSA and ECDSA digital signature schemes
DOI: https://doi.org/10.54654/isj.v1i18.884
Keywords: multi-target attack, digital signature scheme, RSA, ECDSA, recalculation problem
Abstract—In this paper, we consider two problems with traditional digital signature schemes. The first relates to multi-target attacks, which are usually studied for the family of hash-based digital signature schemes such as XMSS, HORST, and FORST that are proposed as candidates for post-quantum cryptography. The article shows the influence of this type of attack on widely used digital signature schemes such as RSA and ECDSA, and then analyzes and evaluates some prevention solutions. The second issue relates to the requirement of recalculation in digital signature schemes based on the discrete logarithm problem, such as ECDSA. There, we suggest some checks and iterations of the computation in the signing algorithm to avoid trivially leaking information related to the signing key.