Recovering Private Keys Generated with Weak PRNGs


1. UR1 - Université de Rennes 1
2. IUF - Institut Universitaire de France
3. NTT Secure Platform Laboratories Tokyo
4. CELTIQUE - Software certification with semantic analysis, Inria Rennes – Bretagne Atlantique, IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL

Abstract: Suppose that the private key of a discrete logarithm-based or factoring-based public-key primitive is obtained by concatenating the outputs of a linear congruential generator. How seriously is the scheme weakened as a result? While linear congruential generators are cryptographically very weak "pseudorandom" number generators, the answer to that question is not immediately obvious, since an adversary in such a setting does not get to examine the outputs of the congruential generator directly, but can only obtain an implicit hint about them, namely the public key. In this paper, we take a closer look at that problem, and show that, in most cases, an attack does exist to retrieve the key much faster than with a naive exhaustive search on the seed of the generator.

Authors: Pierre-Alain Fouque, Mehdi Tibouchi, Jean-Christophe Zapalowicz


