Paper 2003/245

A Key Substitution Attack on SFLASH^{v3}

Willi Geiselmann and Rainer Steinwandt

Abstract

A practical key substitution attack on SFLASH^{v3} is described: Given a valid (message, signature) pair (m,\sigma) for some public key v_0, one can derive another public key v_1 (along with matching secret data) such that (m,\sigma) is also valid for v_1. The computational effort needed for finding such a `duplicate' key is comparable to the effort needed for ordinary key generation.

Metadata
Available format(s)
PDF PS
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
digital signaturescryptanalysis
Contact author(s)
steinwan @ ira uka de
History
2003-11-26: received
Short URL
https://ia.cr/2003/245
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2003/245,
      author = {Willi Geiselmann and Rainer Steinwandt},
      title = {A Key Substitution Attack on {SFLASH}^{v3}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2003/245},
      year = {2003},
      url = {https://eprint.iacr.org/2003/245}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.