Cryptology ePrint Archive: Report 2007/357

A Note on Signature Standards

Michael Braun and Anton Kargl

Abstract: A major security goal for signature schemes is to prevent an adversary from producing new valid signatures even though he can receive valid signatures of any messages from the legitimate signer. On the one hand the security of elliptic curve signature schemes, as ECDSA, ECGDSA, or ECKCDSA, is based on the elliptic curve discrete logarithm problem, respectively on the security of the used hash function. On the other hand some special cases for ephemeral keys and signature components also have to be excluded to guarantee the security of the signature scheme. In this paper we are going to investigate some exceptional cases, which are not covered by current signature generation algorithms, but leak information on the private signature key.

Category / Keywords: public-key cryptography / Digital Signatures, ECDSA, ECGDSA, ECKCDSA

Date: received 10 Sep 2007

Contact author: anton kargl at siemens com

Available format(s): PDF | BibTeX Citation

Version: 20070913:195932 (All versions of this report)

Short URL: ia.cr/2007/357

Discussion forum: Show discussion | Start new discussion