The insecurity of the elliptic curve digital signature algorithm with partially known nonces (Q1412249): Difference between revisions

From MaRDI portal
Added link to MaRDI item.
Set OpenAlex properties.
 
(3 intermediate revisions by 2 users not shown)
Property / author
 
Property / author: Q177001 / rank
Normal rank
 
Property / author
 
Property / author: Igor E. Shparlinski / rank
 
Normal rank
Property / MaRDI profile type
 
Property / MaRDI profile type: MaRDI publication profile / rank
 
Normal rank
Property / full work available at URL
 
Property / full work available at URL: https://doi.org/10.1023/a:1025436905711 / rank
 
Normal rank
Property / OpenAlex ID
 
Property / OpenAlex ID: W1485287820 / rank
 
Normal rank

Latest revision as of 09:11, 30 July 2024

scientific article
Language Label Description Also known as
English
The insecurity of the elliptic curve digital signature algorithm with partially known nonces
scientific article

    Statements

    The insecurity of the elliptic curve digital signature algorithm with partially known nonces (English)
    0 references
    0 references
    0 references
    10 November 2003
    0 references
    This paper contains the first provable polynomial-time attack against the elliptic curve digital signature algorithm, when the nonces are partially known. The ``nonces'' are the random integers used to disguise the contribution of the secret key in the digital signature. \textit{N. Howgrave-Graham} and \textit{N. Smart} [Des. Codes Cryptography 23, 283--290 (2001; Zbl 1006.94022)] proposed several heuristic attacks against DSA assuming that a certain (not too small) number of bits of the nonces are known. \textit{P. Q. Nguyen} and \textit{I. E. Shparlinski} [J. Cryptology 15, 151--176 (2002; Zbl 1009.94011)] obtained provable polynomial-time attacks to DSA when the nonces are partially known, based on a generalization of the work of Boneh-Venkatesan on the hidden number problem. In this paper these ideas are extended to the case of ECDSA, building on results on the distribution of ECDSA signatures, based on bounds of exponential sums valuated on \(x\)-coordinates of elliptic curves over finite fields.
    0 references
    ECDSA
    0 references
    provable security
    0 references
    elliptic curve
    0 references
    digital signature
    0 references

    Identifiers

    0 references
    0 references
    0 references
    0 references
    0 references
    0 references
    0 references