Paper 2019/1412

Cryptanalysis and Improvement of Smart-ID's Clone Detection Mechanism

Augustin P. Sarr

Abstract

At ESORICS 2017, Buldas et al. proposed an efficient (software-only) server-supported signature scheme, geared to mobile devices, termed Smart-ID. A major component of their design is a clone detection mechanism, which allows the server to detect the existence of clones of a client's private key share. We point out a flaw in this mechanism. We show that, under a realistic race condition, an attacker who holds a password-camouflaged private share can launch an online dictionary attack such that (i) if all of its password guesses are wrong, it is very likely that the attack will not be detected, and (ii) if one of its guesses is correct, it can generate signatures on messages of its choice, and the attack will not be detected. We propose an improvement of Smart-ID to thwart the attack we present.

Note: We correct some typos.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
Smart-ID, four-prime RSA, mobile devices, clone detection, undetectable online dictionary attack
Contact author(s)
aug sarr @ gmail com
History
2019-12-21: last of 4 revisions
2019-12-06: received
See all versions
Short URL
https://ia.cr/2019/1412
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/1412,
      author = {Augustin P. Sarr},
      title = {Cryptanalysis and Improvement of Smart-ID's Clone Detection Mechanism},
      howpublished = {Cryptology ePrint Archive, Paper 2019/1412},
      year = {2019},
      note = {\url{https://eprint.iacr.org/2019/1412}},
      url = {https://eprint.iacr.org/2019/1412}
}