Paper 2010/149

On Small Subgroup Non-confinement Attack

Feng Hao

Abstract

The small subgroup confinement attack works by confining cryptographic operations within a small subgroup, in which exhaustive search is feasible. This attack is overt and hence can be easily thwarted by adding a public key validation step: verifying that the received group element has the proper order. In this paper, we present a different aspect of the small subgroup attack. Sometimes, the fact that an operation does not fall into the small subgroup confinement may provide an oracle to an attacker, leaking partial information about the long-term secrets. This attack is subtle and reflects a structural weakness of a protocol; the question of whether the protocol has public key validation is completely irrelevant. As a concrete example, we show how this attack works on the Secure Remote Password (SRP-6) protocol.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
Key exchange, PAKE, SRP-6
Contact author(s)
haofeng66 @ gmail com
History
2010-03-21: received
Short URL
https://ia.cr/2010/149
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/149,
      author = {Feng Hao},
      title = {On Small Subgroup Non-confinement Attack},
      howpublished = {Cryptology ePrint Archive, Paper 2010/149},
      year = {2010},
      note = {\url{https://eprint.iacr.org/2010/149}},
      url = {https://eprint.iacr.org/2010/149}
}