A key recovery attack on discrete log-based schemes using a prime order subgroup


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

1997

AUTHORS

Chae Hoon Lim , Pil Joong Lee

ABSTRACT

Consider the well-known oracle attack: somehow one gets a certain computation result as a function of a secret key from the secret key owner and tries to extract some information on the secret key. This attacking scenario is well understood in the cryptographic community. However, there are many protocols based on the discrete logarithm problem that turn out to leak many of the secret key bits from this oracle attack, unless suitable checkings are carried out. In this paper we present a key recovery attack on various discrete log-based schemes working in a prime order subgroup. Our attack may reveal part of, or the whole secret key in most Diffie-Hellman-type key exchange protocols and some applications of ElGamal encryption and signature schemes.

PAGES

249-263

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/bfb0052240

DOI

http://dx.doi.org/10.1007/bfb0052240

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1023749812


JSON-LD is the canonical representation for SciGraph data.

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Information and Communications Research Center, Future Systems, Inc., 372-2, Yang Jae-Dong, Seo Cho-Gu, 137-130, Seoul, Korea", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "Information and Communications Research Center, Future Systems, Inc., 372-2, Yang Jae-Dong, Seo Cho-Gu, 137-130, Seoul, Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Lim", 
        "givenName": "Chae Hoon", 
        "id": "sg:person.07625662627.46", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07625662627.46"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Dept. of Electronic and Electrical Engineering, Pohang University of Science and Technology (POSTECH), 790-784, Pohang, Korea", 
          "id": "http://www.grid.ac/institutes/grid.49100.3c", 
          "name": [
            "Dept. of Electronic and Electrical Engineering, Pohang University of Science and Technology (POSTECH), 790-784, Pohang, Korea"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Lee", 
        "givenName": "Pil Joong", 
        "id": "sg:person.07604056727.76", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07604056727.76"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "1997", 
    "datePublishedReg": "1997-01-01", 
    "description": "Consider the well-known oracle attack: somehow one gets a certain computation result as a function of a secret key from the secret key owner and tries to extract some information on the secret key. This attacking scenario is well understood in the cryptographic community. However, there are many protocols based on the discrete logarithm problem that turn out to leak many of the secret key bits from this oracle attack, unless suitable checkings are carried out. In this paper we present a key recovery attack on various discrete log-based schemes working in a prime order subgroup. Our attack may reveal part of, or the whole secret key in most Diffie-Hellman-type key exchange protocols and some applications of ElGamal encryption and signature schemes.", 
    "editor": [
      {
        "familyName": "Kaliski", 
        "givenName": "Burton S.", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/bfb0052240", 
    "inLanguage": "en", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-540-63384-6", 
        "978-3-540-69528-8"
      ], 
      "name": "Advances in Cryptology \u2014 CRYPTO '97", 
      "type": "Book"
    }, 
    "keywords": [
      "subgroups", 
      "protocol", 
      "attacks", 
      "function", 
      "results", 
      "part", 
      "information", 
      "prime order subgroup", 
      "community", 
      "key", 
      "problem", 
      "one", 
      "owners", 
      "applications", 
      "scenarios", 
      "checking", 
      "paper", 
      "key recovery attack", 
      "log-based scheme", 
      "scheme", 
      "secret key", 
      "recovery attack", 
      "oracle attacks", 
      "secret key owner", 
      "discrete logarithm problem", 
      "Diffie-Hellman", 
      "key exchange protocol", 
      "key owner", 
      "cryptographic community", 
      "logarithm problem", 
      "secret key bits", 
      "ElGamal encryption", 
      "bits", 
      "whole secret key", 
      "exchange protocol", 
      "signature scheme", 
      "key bits", 
      "computation results", 
      "encryption", 
      "certain computation result", 
      "suitable checkings", 
      "discrete log-based schemes", 
      "order subgroup", 
      "most Diffie-Hellman", 
      "type key exchange protocols"
    ], 
    "name": "A key recovery attack on discrete log-based schemes using a prime order subgroup", 
    "pagination": "249-263", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1023749812"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/bfb0052240"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/bfb0052240", 
      "https://app.dimensions.ai/details/publication/pub.1023749812"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2021-11-01T18:58", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20211101/entities/gbq_results/chapter/chapter_375.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/bfb0052240"
  }
]

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/bfb0052240'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/bfb0052240'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/bfb0052240'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/bfb0052240'


This table displays all metadata directly associated to this object as RDF triples.

115 TRIPLES      23 PREDICATES      71 URIs      64 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/bfb0052240 schema:about anzsrc-for:08
2 anzsrc-for:0804
3 schema:author N7b571f4d7a0145a78d29ff1e37a746b0
4 schema:datePublished 1997
5 schema:datePublishedReg 1997-01-01
6 schema:description Consider the well-known oracle attack: somehow one gets a certain computation result as a function of a secret key from the secret key owner and tries to extract some information on the secret key. This attacking scenario is well understood in the cryptographic community. However, there are many protocols based on the discrete logarithm problem that turn out to leak many of the secret key bits from this oracle attack, unless suitable checkings are carried out. In this paper we present a key recovery attack on various discrete log-based schemes working in a prime order subgroup. Our attack may reveal part of, or the whole secret key in most Diffie-Hellman-type key exchange protocols and some applications of ElGamal encryption and signature schemes.
7 schema:editor N523d38aadbce474a80c16a9df83fd4dc
8 schema:genre chapter
9 schema:inLanguage en
10 schema:isAccessibleForFree true
11 schema:isPartOf N027a5272bc4f4ac5ad7db25fa55cef71
12 schema:keywords Diffie-Hellman
13 ElGamal encryption
14 applications
15 attacks
16 bits
17 certain computation result
18 checking
19 community
20 computation results
21 cryptographic community
22 discrete log-based schemes
23 discrete logarithm problem
24 encryption
25 exchange protocol
26 function
27 information
28 key
29 key bits
30 key exchange protocol
31 key owner
32 key recovery attack
33 log-based scheme
34 logarithm problem
35 most Diffie-Hellman
36 one
37 oracle attacks
38 order subgroup
39 owners
40 paper
41 part
42 prime order subgroup
43 problem
44 protocol
45 recovery attack
46 results
47 scenarios
48 scheme
49 secret key
50 secret key bits
51 secret key owner
52 signature scheme
53 subgroups
54 suitable checkings
55 type key exchange protocols
56 whole secret key
57 schema:name A key recovery attack on discrete log-based schemes using a prime order subgroup
58 schema:pagination 249-263
59 schema:productId Nae7b613201684a10bbb515070a85684a
60 Nd7768662a8dc49d9a332f406dd928bb7
61 schema:publisher Ne36a51c2f1044ce58a18d62f2702f1a4
62 schema:sameAs https://app.dimensions.ai/details/publication/pub.1023749812
63 https://doi.org/10.1007/bfb0052240
64 schema:sdDatePublished 2021-11-01T18:58
65 schema:sdLicense https://scigraph.springernature.com/explorer/license/
66 schema:sdPublisher Nee59366eca25414f9fc0406c7971c671
67 schema:url https://doi.org/10.1007/bfb0052240
68 sgo:license sg:explorer/license/
69 sgo:sdDataset chapters
70 rdf:type schema:Chapter
71 N027a5272bc4f4ac5ad7db25fa55cef71 schema:isbn 978-3-540-63384-6
72 978-3-540-69528-8
73 schema:name Advances in Cryptology — CRYPTO '97
74 rdf:type schema:Book
75 N523d38aadbce474a80c16a9df83fd4dc rdf:first N6d617ec536ae4a34879bffc6382d55c5
76 rdf:rest rdf:nil
77 N6d617ec536ae4a34879bffc6382d55c5 schema:familyName Kaliski
78 schema:givenName Burton S.
79 rdf:type schema:Person
80 N6ed7f080722641c2a014e0b348cae3a3 rdf:first sg:person.07604056727.76
81 rdf:rest rdf:nil
82 N7b571f4d7a0145a78d29ff1e37a746b0 rdf:first sg:person.07625662627.46
83 rdf:rest N6ed7f080722641c2a014e0b348cae3a3
84 Nae7b613201684a10bbb515070a85684a schema:name doi
85 schema:value 10.1007/bfb0052240
86 rdf:type schema:PropertyValue
87 Nd7768662a8dc49d9a332f406dd928bb7 schema:name dimensions_id
88 schema:value pub.1023749812
89 rdf:type schema:PropertyValue
90 Ne36a51c2f1044ce58a18d62f2702f1a4 schema:name Springer Nature
91 rdf:type schema:Organisation
92 Nee59366eca25414f9fc0406c7971c671 schema:name Springer Nature - SN SciGraph project
93 rdf:type schema:Organization
94 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
95 schema:name Information and Computing Sciences
96 rdf:type schema:DefinedTerm
97 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
98 schema:name Data Format
99 rdf:type schema:DefinedTerm
100 sg:person.07604056727.76 schema:affiliation grid-institutes:grid.49100.3c
101 schema:familyName Lee
102 schema:givenName Pil Joong
103 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07604056727.76
104 rdf:type schema:Person
105 sg:person.07625662627.46 schema:affiliation grid-institutes:None
106 schema:familyName Lim
107 schema:givenName Chae Hoon
108 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07625662627.46
109 rdf:type schema:Person
110 grid-institutes:None schema:alternateName Information and Communications Research Center, Future Systems, Inc., 372-2, Yang Jae-Dong, Seo Cho-Gu, 137-130, Seoul, Korea
111 schema:name Information and Communications Research Center, Future Systems, Inc., 372-2, Yang Jae-Dong, Seo Cho-Gu, 137-130, Seoul, Korea
112 rdf:type schema:Organization
113 grid-institutes:grid.49100.3c schema:alternateName Dept. of Electronic and Electrical Engineering, Pohang University of Science and Technology (POSTECH), 790-784, Pohang, Korea
114 schema:name Dept. of Electronic and Electrical Engineering, Pohang University of Science and Technology (POSTECH), 790-784, Pohang, Korea
115 rdf:type schema:Organization