Paper 2019/1412

Cryptanalysis and Improvement of Smart-ID's Clone Detection Mechanism

Augustin P. Sarr


At ESORICS 2017, Buldas et al. proposed an efficient (software only) server supported signature scheme, geared to mobile devices, termed Smart-ID. A major component of their design is a clone detection mechanism, which allows a server to detect the existence of clones of a client's private key share. We point out a flaw in this mechanism. We show that, under a realistic race condition, an attacker which holds a password camouflaged private share can lunch an online dictionary attack such that (i)if all its password guesses are wrong, it is very likely that the attack will not be detected, and (ii) if one of its guesses is correct, it can generate signatures on messages of its choice, and the attack will \emph{not} be detected. We propose an improvement of Smart-ID to thwart the attack we present.

Note: We correct some typos.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Smart-IDfour-prime RSAmobile devicesclone detectionundetectable online dictionary attack
Contact author(s)
aug sarr @ gmail com
2019-12-21: last of 4 revisions
2019-12-06: received
See all versions
Short URL
Creative Commons Attribution


      author = {Augustin P.  Sarr},
      title = {Cryptanalysis and Improvement of Smart-ID's Clone Detection Mechanism},
      howpublished = {Cryptology ePrint Archive, Paper 2019/1412},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.