Cryptology ePrint Archive: Report 2019/1412

Cryptanalysis and Improvement of Smart-ID's Clone Detection Mechanism

Augustin P. Sarr

Abstract: At ESORICS 2017, Buldas et al. proposed an efficient (software only) server supported signature scheme, geared to mobile devices, termed Smart-ID. A major component of their design is a clone detection mechanism, which allows a server to detect the existence of clones of a client's private key share. We point out a flaw in this mechanism. We show that, under a realistic race condition, an attacker which holds a password camouflaged private share can lunch an online dictionary attack such that (i)if all its password guesses are wrong, it is very likely that the attack will not be detected, and (ii) if one of its guesses is correct, it can generate signatures on messages of its choice, and the attack will \emph{not} be detected. We propose an improvement of Smart-ID to thwart the attack we present.

Category / Keywords: cryptographic protocols / Smart-ID, four-prime RSA, mobile devices, clone detection, undetectable online dictionary attack

Date: received 5 Dec 2019, last revised 21 Dec 2019

Contact author: aug sarr at gmail com

Available format(s): PDF | BibTeX Citation

Note: We correct some typos.

Version: 20191221:120703 (All versions of this report)

Short URL: ia.cr/2019/1412


[ Cryptology ePrint archive ]