Title
On Small Subgroup Non-confinement Attack
Abstract
The small subgroup confinement attack works by confining cryptographic operations within a small subgroup, in which exhaustive search is feasible. This attack is overt and hence can be easily thwarted by adding a public key validation: verifying the received group element has proper order. In this paper, we present a different aspect of the small subgroup attack. Sometimes, the fact that an operation does not fall into the small subgroup confinement may provide an oracle to an attacker, leaking partial information about the long-term secrets. This attack is subtle and reflects structural weakness of a protocol; the question of whether the protocol has a public key validation is completely irrelevant. As a concrete example, we show how this attack works on the Secure Remote Password (SRP-6) protocol.
Year: 2010
DOI: 10.1109/CIT.2010.187
Venue: IACR Cryptology ePrint Archive
Keywords: small subgroup, secure remote password, cryptographic operation, different aspect, secure remote password protocol, cryptographic operations, password authenticated key exchange, small subgroup confinement, attack work, small subgroup confinement attack, small subgroup nonconfinement attack, secure communication, public key cryptography, public key validation, cryptographic protocols, small subgroup non-confinement attack, long-term secrets, concrete example, small subgroup attack, received group element verification, servers, public key, generators, protocols, dictionaries
DocType: Conference
Volume: 2010
ISBN: 978-1-4244-7547-6
Citations: 2
PageRank: 0.40
References: 0
Authors: 2
Name | Order | Citations | PageRank
Hao Feng | 1 | 409 | 32.15
Yuko Saito | 2 | 2 | 0.74