Chosen Message Attack Against Goldreich-Goldwasser-Halevi's Signature Scheme from Crypto'97

Authors

  • DaeHun Nyang
  • JooSeok Song
Abstract

The Goldreich-Goldwasser-Halevi (GGH) signature scheme from Crypto ’99, which is based on the well-known lattice problem, is cryptanalyzed. We mount a chosen message attack on the signature scheme, and show the signature scheme is vulnerable to the attack. We collect n lattice points that are linearly independent of each other, and construct a new basis that generates a sub-lattice of the original lattice. The sub-lattice is shown to be sufficient to generate a valid signature. Empirical results are presented to show the effectiveness of the attack. Finally, we show that the cube-like parameter used for the private-key generation is harmful to the security of the scheme.


Similar resources

Two Remarks Concerning the Goldwasser-Micali-Rivest Signature Scheme

The focus of this note is the Goldwasser-Micali-Rivest Signature Scheme (presented in the 25th FOCS, 1984). The GMR scheme has the salient property that, unless factoring is easy, it is infeasible to forge any signature even through an adaptive chosen message attack. We present two technical contributions with respect to the GMR scheme: 1) The GMR scheme can be made totally "memoryless": That i...


Cs - R 9529 1995

Even, Goldreich and Micali showed at Crypto'89 that the existence of signature schemes secure against known message attacks implies the existence of schemes secure against adaptively chosen message attacks. Unfortunately, this transformation leads to a rather impractical scheme. We exhibit a similar security amplification, which takes the given scheme to a new signature scheme that is not even e...


A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks (Revision March 23, 1995)

Shafi Goldwasser, Silvio Micali, Ronald L. Rivest. Abstract: We present a digital signature scheme based on the computational difficulty of integer factorization. The scheme possesses the novel property of being robust against an adaptive chosen-message attack: an adversary who receives signatures for messages of his choice (where each message may be chosen in a way that depends on the signa...


Improved Online/Offline Signature Schemes

The notion of on-line/off-line signature schemes was introduced in 1990 by Even, Goldreich and Micali. They presented a general method for converting any signature scheme into an on-line/off-line signature scheme, but their method is not very practical as it increases the length of each signature by a quadratic factor. In this paper we use the recently introduced notion of a trapdoor hash funct...


A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks

We present a digital signature scheme based on the computational difficulty of integer factorization. The scheme possesses the novel property of being robust against an adaptive chosen-message attack: an adversary who receives signatures for messages of his choice (where each message may be chosen in a way that depends on the signatures of previously chosen messages) cannot later forge the sign...


Journal title:
  • IACR Cryptology ePrint Archive

Volume 2000, Issue 

Pages  -

Publication date 2000