Add to ORKGAbstract. Suppose that the private key of discrete logarithm-based or factoring-based public-key primitive is obtained by concatenating the outputs of a linear congruential generator. How seriously is the scheme weakened as a result? While linear congruential generators are cryptographically very weak “pseudorandom ” number generators, the answer to that question is not immediately obvious, since an adversary in such a setting does not get to examine the outputs of the congruential generator directly, but can only obtain an implicit hint about them—namely the public key. In this paper, we take a closer look at that problem, and show that, in most cases, an attack does exist to retrieve the key much faster than with a naive exhaustive search...
We study the security of a block cipher-based pseudorandom number generator (PRNG), both in the blac...
Abstract. We study the security of a block cipher-based pseudorandom number generator, both in the b...
International audienceWe revisit the problem of proving that a user algorithm se-lected and correctl...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
The DSS signature algorithm requires the signer to generate a new random number with every signature...
The DSS signature algorithm requires the signer to generate a new random number with every signature...
We try to provide an alternative attitude toward the use of a Linear Congruential Generator (LCG her...
We describe a novel type of weak cryptographic private key that can exist in any discrete logarithm ...
We study the security of a block cipher-based pseudorandom number generator (PRNG), both in the blac...
Pseudorandom Number Generators are deterministic algorithms which take in a value obtained from an e...
We study the security of a block cipher-based pseudorandom number generator (PRNG), both in the blac...
Abstract. We study the security of a block cipher-based pseudorandom number generator, both in the b...
International audienceWe revisit the problem of proving that a user algorithm se-lected and correctl...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
International audienceSuppose that the private key of discrete logarithm-based or factoring-based pu...
The DSS signature algorithm requires the signer to generate a new random number with every signature...
The DSS signature algorithm requires the signer to generate a new random number with every signature...
We try to provide an alternative attitude toward the use of a Linear Congruential Generator (LCG her...
We describe a novel type of weak cryptographic private key that can exist in any discrete logarithm ...
We study the security of a block cipher-based pseudorandom number generator (PRNG), both in the blac...
Pseudorandom Number Generators are deterministic algorithms which take in a value obtained from an e...
We study the security of a block cipher-based pseudorandom number generator (PRNG), both in the blac...
Abstract. We study the security of a block cipher-based pseudorandom number generator, both in the b...
International audienceWe revisit the problem of proving that a user algorithm se-lected and correctl...