Efficient identification and signatures for smart cards
CRYPTO '89 Proceedings on Advances in cryptology
Generating EIGamal signatures without knowing the secret key
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Security proofs for signature schemes
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Weaknesses in the SL2(IFs2) Hashing Scheme
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Choosing NTRUEncrypt Parameters in Light of Combined Lattice Reduction and MITM Approaches
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
We explain how to forge public parameters for the Digital Signature Standard with two known messages which always produce the same set of valid signatures (what we call a collision). This attack is thwarted by using the generation algorithm suggested in the specifications of the Standard, so it proves one always need to check proper generation. We also present a similar attack when using this generation algorithm within a complexity 274, which is better than the birthday attack which seeks for collisions on the underlying hash function.