Geodesic
Attacks on digital signature schemes not accounted by the common security definitions, and countermeasures
Matematičeskie voprosy kriptografii, Tome 7 (2016) no. 1, pp. 93-118 Cet article a éte moissonné depuis la source Math-Net.Ru

Voir la notice de l'article

The implementation of the so called duplicate signature key selection attack on different digital signature schemes is discussed. We discuss also the usage of this attack for breaking some cryptographic protocols based on vulnerable signature schemes. Countermeasures for preventing this attack at the scheme-level and protocol-level are considered also. 
@article{MVK_2016_7_1_a5,
     author = {V. D. Nikolaev},
     title = {Attacks on digital signature schemes not accounted by the common security definitions, and countermeasures},
     journal = {Matemati\v{c}eskie voprosy kriptografii},
     pages = {93--118},
     year = {2016},
     volume = {7},
     number = {1},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/MVK_2016_7_1_a5/}
}
TY  - JOUR
AU  - V. D. Nikolaev
TI  - Attacks on digital signature schemes not accounted by the common security definitions, and countermeasures
JO  - Matematičeskie voprosy kriptografii
PY  - 2016
SP  - 93
EP  - 118
VL  - 7
IS  - 1
UR  - http://geodesic.mathdoc.fr/item/MVK_2016_7_1_a5/
LA  - ru
ID  - MVK_2016_7_1_a5
ER  - 
%0 Journal Article
%A V. D. Nikolaev
%T Attacks on digital signature schemes not accounted by the common security definitions, and countermeasures
%J Matematičeskie voprosy kriptografii
%D 2016
%P 93-118
%V 7
%N 1
%U http://geodesic.mathdoc.fr/item/MVK_2016_7_1_a5/
%G ru
%F MVK_2016_7_1_a5
V. D. Nikolaev. Attacks on digital signature schemes not accounted by the common security definitions, and countermeasures. Matematičeskie voprosy kriptografii, Tome 7 (2016) no. 1, pp. 93-118. http://geodesic.mathdoc.fr/item/MVK_2016_7_1_a5/

[1] Varnovskii N. P., “Stoikost skhem elektronnoi podpisi v modeli s zaschischennym modulem”, Diskretnaya matematika, 20:3 (2008), 147–159 | DOI | Zbl

[2] Informatsionnye tekhnologii i bezopasnost. Algoritmy elektronnoi tsifrovoi podpisi i transporta klyucha na osnove ellipticheskikh krivykh, Gosudarstvennyi standart Respubliki Belarus STB 34.101.45–2013), Utverzhden i vveden v deistvie postanovleniem Gosstandarta Respubliki Belarus ot 30 avgusta 2013 g. No 45, Gosstandart, Minsk, 2013, 40 pp.

[3] Informatsionnaya tekhnologiya. Kriptograficheskaya zaschita informatsii. Protsessy formirovaniya i proverki elektronnoi tsifrovoi podpisi, Natsionalnyi standart Rossiiskoi Federatsii GOST R 34.10-2012, Utverzhden i vveden v deistvie Prikazom Federalnogo agentstva po tekhnicheskomu regulirovaniyu i metrologii ot 7 avgusta 2012 g. No 215-st, Standartinform, M., 2012

[4] Cheremushkin A. V., Kriptograficheskie protokoly. Osnovnye svoistva i uyazvimosti, Izd. tsentr «Akademiya, M., 2009, 272 pp.

[5] Blake-Wilson S., Menezes A., “Unknown key-share attacks on the station-to-station (STS) protocol”, Lect. Notes Comput. Sci., 1560, 1999, 156–170

[6] Brown D., “On the Provable Security of ECDSA”, Advances in Elliptic Curve Cryptography, eds. I. F. Blake, G. Seroussi, N. P. Smart, Cambridge Univ. Press, Cambridge, 2005, 21–40 | DOI | MR

[7] Cramer R., Shoup V., “Signature schemes based on the strong RSA assumption”, ACM Trans. Inform. System Security, 3:3 (2000), 161–185 | DOI

[8] Diffie W., van Oorschot P. C., Wiener M. J., “Authentication and authenticated key exchanges”, Designs, Codes and Cryptography, 2:2 (1992), 107–125 | DOI | MR

[9] Elliptic Curve Cryptography, version 2.0, Technical Guideline TR-03111, Bundesamt fuer Sicherheit in der Informationstechnik, Bonn, 2012

[10] Digital Signature Standard (DSS), FIPS PUB 186-4, National Institute of Standards and Technology, Gaithersburg, MD, 2013, iv+121 pp. http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf

[11] Gennaro R., Halevi S., Rabin T., “Secure hash-and-sign signatures without the random oracle”, Advances in Cryptology — EUROCRYPT'99, International Conference on the Theory and Application of Cryptographic Techniques, Proceedings (Prague, May 2–6, 1999), Lect. Notes Comput. Sci., 1592, ed. J. Stern, Springer, Heidelberg etc., 1999, 123–139 http://dblp.uni-trier.de/rec/bib/conf/eurocrypt/99 | DOI | MR | Zbl

[12] Goldwasser S., Micali S., Rivest R. L., “A digital signature scheme secure against adaptive chosen-message attacks”, SIAM J. Comput., 17:2 (1988), 281–308 | DOI | MR | Zbl

[13] Goldwasser S., Micali S., Rivest R. L., “A “paradoxical” solution to the signature problem”, Proceedings of the 25th Annual Symposium on Foundations of Computer Science (Singer Island, Fla., October 24–26, 1984), eds. L. Valiant, L. Stockmeyer, R. Karp, M. O'Donnell, L. Gubias, M. Tompa, IEEE/Computer Society Press, Piscataway, NJ, 1984, 441–448

[14] Information technology — Security techniques — Key management — Part 3: Mechanisms using asymmetric techinques, ISO/IEC 11770-3

[15] Information technology — Security techniques — Digital signatures with appendix — Part 3: Discrete logarithm based mechanisms, ISO/IEC 14888-3

[16] Koblitz N., Menezes A., Another look at security definitions, IACR Cryptology ePrint Archive, No Report 2011/343, , 39 pp. http://eprint.iacr.org/2011/343

[17] Lamport L., Constructing Digital Signatures from a One Way Function, SRI International/Computer Sci. Lab., Menlo Park, CA, 1979, 7 pp.

[18] Lee P. J., Lim C. H., “A Study on the proposed Korean Digital Signature Algorithm”, Advances in Cryptology — ASIACRYPT'98, International Conference on the Theory and Application of Cryptology and Information Security, Proceedings (Beijing, China, October 18–22, 1998), Lect. Notes Comput. Sci., 1514, eds. K. Ohta, D. Pei, Springer, Heidelberg etc., 1998, 175–186 | MR | Zbl

[19] Menezes A., Smart N., “Security of signature schemes in a multi-user setting”, Designs, Codes and Cryptography, 33:3 (2004), 261–274 | DOI | MR | Zbl

[20] Naor M., Yung M., “Universal one-way hash functions and their cryptographic applications”, Proceedings of the 21st Annual ACM Symposium on Theory of Computing, ed. D. S. Johnson, Ass. Comput. Machinery, N.Y., 1989, 33–43

[21] Rivest R. L., Shamir A., Adleman L., “A method for obtaining digital signatures and public-key cryptosystems”, Comm. ACM, 21:2 (1978), 120–126 | DOI | MR | Zbl

[22] Rosa T., “Key-collisions in (EC)DSA schemes: Attacking non-repudiation”, A talk presented at rump session of 22nd Annual International Cryptology Conference (Santa Barbara, CA, August 18–22, 2002); IACR Cryptology ePrint Archive, No Report 2002/129, 2002, 13 pp. http://eprint.iacr.org/2002/129

[23] Rosa T., “On the key-collisions in the signature schemes”, Proceedings of the Czech Cryptologic Workshop VKB 2002 (Brno, April 3–4, 2002), 2002, 14–26 (na cheshskom yaz.) http://crypto.hyperlink.cz/files/k-kolize_rosa.pdf

[24] Schneier B., Riordan J., “A certified e-mail protocol”, Proceedings of the 14th Annual Computer Security Applications Conference (Phoenix-Scottsdale, AZ, December 7–11, 1998), IEEE Computer Society, Los Alamitos, CA, etc., 1999, 347–352

[25] Schneier B., Hall C., “An improved e-mail protocol”, Proceedings of the 13th Annual Computer Security Applications Conference (San Diego, CA, December 8–12, 1997), IEEE Computer Society, Los Alamitos, CA, etc., 1997, 227–230 | DOI

[26] Schnorr C. P., “Efficient signature generation by smart cards”, J. Cryptology, 4:3 (1991), 161–174 | DOI | MR | Zbl

[27] Digital signature mechanism with appendix — Part 2 — Certificate-based digital signature algorithm, TTAK.KO-12/R2