Abstract
We describe a lattice attack on the Digital Signature Algorithm (DSA) when used to sign many messages, $m_i$, under the assumption that a proportion of the bits of each of the associated ephemeral keys, $y_i$, can be recovered by alternative techniques.
Translated title of the contribution | Lattice attacks on digital signature schemes |
---|---|
Original language | English |
Pages (from-to) | 283 - 290 |
Number of pages | 8 |
Journal | Designs, Codes and Cryptography |
Volume | 23 (3) |
DOIs | |
Publication status | Published - Aug 2001 |
Bibliographical note
Publisher: SpringerOther: http://www.cs.bris.ac.uk/Publications/pub_info.jsp?id=1000576