
Lattice Attacks on Digital Signature Schemes

Published in Designs, Codes and Cryptography

Abstract

We describe a lattice attack on the Digital Signature Algorithm (DSA) when used to sign many messages, m_i, under the assumption that a proportion of the bits of each of the associated ephemeral keys, y_i, can be recovered by alternative techniques.




Cite this article

Howgrave-Graham, N.A., Smart, N.P. Lattice Attacks on Digital Signature Schemes. Designs, Codes and Cryptography 23, 283–290 (2001). https://doi.org/10.1023/A:1011214926272
