Generating EIGamal signatures without knowing the secret key

Authors:
Daniel Bleichenbacher
Affiliations:
ETH Zürich, Institute for Theoretical Computer Science, Zürich, Switzerland
Venue:
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Year:
1996

Citing 5
Cited 8

A public key cryptosystem and a signature scheme based on discrete logarithms

Proceedings of CRYPTO 84 on Advances in cryptology
An interactive identification scheme based on discrete logarithms and factoring

Journal of Cryptology - Eurocrypt '90
Discrete logarithms in GF(P) using the number field sieve

SIAM Journal on Discrete Mathematics
Public-Key Cryptography State

Public-Key Cryptography State
Designing and Detecting Trapdoors for Discrete Log Cryptosystems

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology

Hidden Collisions on DSS

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
A Study on the Proposed Korean Digital Signature Algorithm

ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Cryptographic Primitives for Information Authentication - State of the Art

State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures
The Security of DSA and ECDSA

PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Smooth Orders and Cryptographic Applications

ANTS-V Proceedings of the 5th International Symposium on Algorithmic Number Theory
Fast generators for the Diffie-Hellman key agreement protocol and malicious standards

Information Processing Letters
On the possibility of constructing meaningful hash collisions for public keys

ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present a new method to forge ElGamal signatures if the public parameters of the system are not chosen properly. Since the secret key is hereby riot fourid this attack shows that forging ElGamal signatures is sometimes easier than the underlying discrete logarithm problem.