Paper 2015/368

Breaking the Rabin-Williams digital signature system implementation in the Crypto++ library

Evgeny Sidorov

Abstract

This paper describes a bug in the implementation of the Rabin-Williams digital signature in the \texttt{Crypto++} framework. The bug is in the misuse of blinding technique that is aimed at preventing timing attacks on the digital signature system implementation, but eventually results in an opportunity to find the private key having only two different signatures of the same message. The CVE identifier of the issue is \texttt{CVE-2015-2141}.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. Minor revision.
Keywords
cryptanalysisdigital signaturesimplementation
Contact author(s)
e-sidorov @ yandex-team com
History
2015-04-23: received
Short URL
https://ia.cr/2015/368
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/368,
      author = {Evgeny Sidorov},
      title = {Breaking the Rabin-Williams digital signature system implementation in the Crypto++ library},
      howpublished = {Cryptology ePrint Archive, Paper 2015/368},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/368}},
      url = {https://eprint.iacr.org/2015/368}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.