Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
PKC
2009
Springer
2009
Springer
A Practical Key Recovery Attack on Basic TCHo
TCHo is a public key encryption scheme based on a stream cipher component, which is particular suitable for low cost devices like RFIDs. In its basic version, TCHo offers no IND-CCA2 security, but the authors suggest to use a generic hybrid construction to achieve this security level. The implementation of this method however, significantly increases the hardware complexity of TCHo and thus annihilates the advantage of being suitable for low cost devices. In this paper we show, that TCHo cannot be used without this construction. We present a chosen ciphertext attack on basic TCHo that recovers the secret key after approximately d3/2 decryptions, where d is the number of bits of the secret key polynomial. The entropy of the secret key is log2 `d w ? , where w is the weight of the secret key polynomial, and w is usually small compared to d. In particular, we can break all of the parameters proposed for TCHo within hours on a standard PC. Keywords. TCHo , chosen ciphertext attack, stream ...
Real-time TrafficRelated Content
| Added | 25 Nov 2009 |
| Updated | 25 Nov 2009 |
| Type | Conference |
| Year | 2009 |
| Where | PKC |
| Authors | Mathias Herrmann, Gregor Leander |
Comments (0)
Researcher Info
|
