How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
An identity-based identification scheme based on discrete logarithms modulo a composite number
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
A remark on efficiency of identification schemes
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Untraceable off-line cash in wallet with observers
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Group Signatures and Their Relevance to Privacy-Protecting Off-Line Electronic Cash Systems
ACISP '99 Proceedings of the 4th Australasian Conference on Information Security and Privacy
A Simple and Secure Way to Show the Validity of Your Public Key
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Efficient Identification and Signatures for Smart Cards
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Wallet Databases with Observers
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Efficient Group Signature Schemes for Large Groups (Extended Abstract)
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
"Indirect Discourse Proof": Achieving Efficient Fair Off-Line E-cash
ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
A Group Signature Scheme with Improved Efficiency
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Some Open Issues and New Directions in Group Signatures
FC '99 Proceedings of the Third International Conference on Financial Cryptography
A Key Recovery Attack on Discrete Log-based Schemes Using a Prime Order Subgroup
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Publicly verifiable secret sharing
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
A secure and optimally efficient multi-authority election scheme
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Polynomial Interpolation of the k-th Root of the Discrete Logarithm
CAI '09 Proceedings of the 3rd International Conference on Algebraic Informatics
We describe new attacks that can be launched on some well-known signature schemes. The attacks are related to Lim and Lee's key recovery attacks in prime order subgroups. Several new attacking scenarios are described where the group order can be either prime, composite, or unknown. These attacks are able to compromise certain properties of complex protocols such as identity revelation by the revocation manager in a group signature setting, or owner tracing in fair electronic cash. It is suggested that safe primes must be considered for use in all such protocols, together with a proof of safe parameter selection.