Digital Signature Schemes with Domain Parameters

Digital signature schemes often use domain parameters such as prime numbers or elliptic curves. They can be subject to security threats when they are not treated like public keys. In this paper we formalize the notion of "signature scheme with domain parameter" together with a new adversarial model: the "domain parameter shifting attack". We take ECDSA as a case study. We make a domain parameter shifting attack against ECDSA: an attacker can impersonate a honest signer either by trying to modify the subgroup generator G or, when using point compression representation, by trying to modify the elliptic curve a and b domain parameters. We further propose to fix this ECDSA issue.


Published in:
The 9th Australasian Conference on Information Security and Privacy, ACISP '04, 3108, 188-199
Presented at:
The 9th Australasian Conference on Information Security and Privacy, ACISP '04, Sydney, Australia, July 13-15, 2004
Year:
2004
Keywords:
Other identifiers:
Laboratories:




 Record created 2007-01-22, last modified 2018-03-17

n/a:
Download fulltextPDF
External link:
Download fulltextURL
Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)