Cryptology ePrint Archive: Report 2003/245

A Key Substitution Attack on SFLASH^{v3}

Willi Geiselmann and Rainer Steinwandt

Abstract: A practical key substitution attack on SFLASH^{v3} is described: Given a valid (message, signature) pair (m,\sigma) for some public key v_0, one can derive another public key v_1 (along with matching secret data) such that (m,\sigma) is also valid for v_1. The computational effort needed for finding such a `duplicate' key is comparable to the effort needed for ordinary key generation.

Category / Keywords: public-key cryptography / digital signatures, cryptanalysis

Date: received 26 Nov 2003

Contact author: steinwan at ira uka de

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20031126:181253 (All versions of this report)

Short URL: ia.cr/2003/245

Discussion forum: Show discussion | Start new discussion