An Efficient Protocol for Authenticated Key Agreement
Designs, Codes and Cryptography
Differential Fault Attacks on Elliptic Curve Cryptosystems
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Validation of Elliptic Curve Public Keys
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
A Key Recovery Attack on Discrete Log-based Schemes Using a Prime Order Subgroupp
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Just fast keying: Key agreement in a hostile internet
ACM Transactions on Information and System Security (TISSEC)
HMQV: a high-performance secure diffie-hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Authenticated key exchange under bad randomness
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
Message transmission for GH-public key cryptosystem
Journal of Computational and Applied Mathematics
| Hi-index | 0.00 |
A party may choose to reuse ephemeral public keys in a Diffie-Hellman key agreement protocol in order to reduce its computational workload or to mitigate against denial-of-service attacks. In this note, we show that small-subgroup attacks can be successfully launched on some Diffie-Hellman protocols that reuse ephemeral keys if domain parameters are not appropriately selected or if public keys are not appropriately validated.