A hierarchy of polynomial time lattice basis reduction algorithms
Theoretical Computer Science
Random number generation and quasi-Monte Carlo methods
Random number generation and quasi-Monte Carlo methods
Lattice basis reduction: improved practical algorithms and solving subset sum problems
Mathematical Programming: Series A and B
Finite fields
Rounding in lattices and its cryptographic applications
SODA '97 Proceedings of the eighth annual ACM-SIAM symposium on Discrete algorithms
A sieve algorithm for the shortest lattice vector problem
STOC '01 Proceedings of the thirty-third annual ACM symposium on Theory of computing
Lattice Attacks on Digital Signature Schemes
Designs, Codes and Cryptography
Handbook of Applied Cryptography
Handbook of Applied Cryptography
The Hardness of the Hidden Subset Sum Problem and Its Cryptographic Implications
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
On the Generalised Hidden Number Problem and Bit Security of XTR
AAECC-14 Proceedings of the 14th International Symposium on Applied Algebra, Algebraic Algorithms and Error-Correcting Codes
The Hidden Number Problem in Extension Fields and Its Applications
LATIN '02 Proceedings of the 5th Latin American Symposium on Theoretical Informatics
Hidden Number Problem with the Trace and Bit Security of XTR and LUC
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
The Two Faces of Lattices in Cryptology
CaLC '01 Revised Papers from the International Conference on Cryptography and Lattices
Hi-index | 0.01 |
It has recently been proved by Nguyen and Shparlinski that the Digital Signature Algorithm (DSA) is insecure when a few consecutive bits of the random nonces k are known for a reasonably small number of DSA signatures. This result confirmed the efficiency of some heuristic lattice attacks designed and numerically verified by Howgrave-Graham and Smart. Here, we extend the attack to the Nyberg-Rueppel variants of DSA.We use a connection with the hidden number problem introduced by Boneh and Venkatesan and new bounds of exponential sums which might be of independent interest.