You are looking at a specific version 20200731:202605 of this paper.
See the latest version.
Paper 2020/945
On the (in)security of ROS
Fabrice Benhamouda and Tancrède Lepoint and Michele Orrù and Mariana Raykova
Abstract
We present an algorithm solving the ROS (Random inhomogeneities in a Overdetermined Solvable system of linear equations) problem in polynomial time for large enough dimensions $\ell$. The algorithm implies polynomial-time attacks against blind signatures such as Schnorr and Okamoto--Schnorr blind signatures, threshold signatures such as the one from GJKR (when concurrent executions are allowed), and multisignatures such as CoSI and the two-round version of MuSig.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- ROSBlind SchnorrCryptanalysis
- Contact author(s)
- fabrice benhamouda @ gmail com,tancrede @ google com,marianar @ google com,michele orru @ ens fr
- History
- 2024-02-01: last of 5 revisions
- 2020-07-31: received
- See all versions
- Short URL
- https://ia.cr/2020/945
- License
-
CC BY