Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IEEECIT
2010
IEEE
2010
IEEE
On Small Subgroup Non-confinement Attack
The small subgroup confinement attack works by confining cryptographic operations within a small subgroup, in which exhaustive search is feasible. This attack is overt and hence can be easily thwarted by adding a public key validation: verifying the received group element has proper order. In this paper, we present a different aspect of the small subgroup attack. Sometimes, the fact that an operation does not fall into the small subgroup confinement may provide an oracle to an attacker, leaking partial information about the long-term secrets. This attack is subtle and reflects structural weakness of a protocol; the question of whether the protocol has a public key validation is completely irrelevant. As a concrete example, we show how this attack works on the Secure Remote Password (SRP-6) protocol. Keywords-password authenticated key exchange, secure communication, Secure Remote Password protocol
Real-time TrafficIEEECIT 2010 | Information Technology | Public Key Validation | Small Subgroup | Small Subgroup Confinement |
| Added | 13 Feb 2011 |
| Updated | 13 Feb 2011 |
| Type | Journal |
| Year | 2010 |
| Where | IEEECIT |
| Authors | Feng Hao |
Comments (0)
Researcher Info
|
