Re: [Cfrg] Security proofs v DH backdoors

[Watson Ladd <watsonbladd@gmail.com>]

On Oct 30, 2016 4:12 AM, "Peter Gutmann" <pgut001@cs.auckland.ac.nz> wrote:
>
> Hanno Böck <hanno@hboeck.de> writes:
>
> >I'm really interested what you mean here, can you point to concrete
examples
> >of such attacks?
>
> There's so much I don't really know where to start... I've just done a
quick
> google of "fault attack ecdsa" and got 29,700 hits (OK, lots will be dups
:-),
> but the first few (de-dup'd) papers are:
>
>   A Fault Attack on ECDSA
>   Fault Attacks on Elliptic Curve Cryptosystems
>   A Novel Fault Attack Against ECDSA
>   Synthesis of Fault Attacks on Cryptographic Implementations
>   Fault Attack to the Elliptic Curve Digital Signature Algorithm
>   [...]
>
> Real-world attacks would be, for example, the recovery of the PS3 master
> signing key due to bad RNG use in ECDSA, equivalent to an RNG fault.

How many of those papers would apply to DSA? What about the vulnerability
of RSA signatures to faults?

>
> Peter.
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg