Chosen Message Attack Against Goldreich-Goldwasser-Halevi's Signature Scheme from Crypto'97
Authors
Abstract
The Goldreich-Goldwasser-Halevi (GGH) signature scheme from Crypto ’99, which is based on the well-known lattice problem, is cryptanalyzed. We mount a chosen message attack on the signature scheme and show that the scheme is vulnerable to the attack. We collect n lattice points that are linearly independent of each other and construct a new basis that generates a sub-lattice of the original lattice. The sub-lattice is shown to be sufficient to generate a valid signature. Empirical results are presented to show the effectiveness of the attack. Finally, we show that the cube-like parameter used for the private-key generation is harmful to the security of the scheme.
Similar resources
Two Remarks Concerning the Goldwasser-Micali-Rivest Signature Scheme
The focus of this note is the Goldwasser-Micali-Rivest Signature Scheme (presented in the 25th FOCS, 1984). The GMR scheme has the salient property that, unless factoring is easy, it is infeasible to forge any signature even through an adaptive chosen message attack. We present two technical contributions with respect to the GMR scheme: 1) The GMR scheme can be made totally "memoryless": That i...
Cs - R 9529 1995
Even, Goldreich and Micali showed at Crypto'89 that the existence of signature schemes secure against known message attacks implies the existence of schemes secure against adaptively chosen message attacks. Unfortunately, this transformation leads to a rather impractical scheme. We exhibit a similar security amplification, which takes the given scheme to a new signature scheme that is not even e...
A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks (Revision March 23, 1995)
Shafi Goldwasser, Silvio Micali, Ronald L. Rivest. Abstract: We present a digital signature scheme based on the computational difficulty of integer factorization. The scheme possesses the novel property of being robust against an adaptive chosen-message attack: an adversary who receives signatures for messages of his choice (where each message may be chosen in a way that depends on the signa...
Improved Online/Offline Signature Schemes
The notion of on-line/off-line signature schemes was introduced in 1990 by Even, Goldreich and Micali. They presented a general method for converting any signature scheme into an on-line/off-line signature scheme, but their method is not very practical as it increases the length of each signature by a quadratic factor. In this paper we use the recently introduced notion of a trapdoor hash funct...
A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks
We present a digital signature scheme based on the computational difficulty of integer factorization. The scheme possesses the novel property of being robust against an adaptive chosen-message attack: an adversary who receives signatures for messages of his choice (where each message may be chosen in a way that depends on the signatures of previously chosen messages) cannot later forge the sign...
Journal title:
- IACR Cryptology ePrint Archive
Volume 2000, Issue
Pages -
Publication date 2000