Access Restriction

Author Pfitzmann, Birgit ♦ Waidner, Michael
Source CiteSeerX
Content type Text
Publisher Springer-Verlag
File Format PDF
Language English
Subject Domain (in DDC) Computer science, information & general works ♦ Data processing & computer science
Subject Keyword Model Smart Card ♦ Secret Computation ♦ Important Protocol ♦ Server-aided Rsa Computation ♦ Smart Card ♦ Active Attack ♦ Easy Measure ♦ Card Holder ♦ Secret Rsa Operation ♦ Insecure Auxiliary Device ♦ Related Protocol ♦ Main Attack ♦ Search Space Suffice ♦ Exhaustive Search ♦ Certain Space
Description At Crypto '88, Matsumoto, Kato, and Imai presented protocols to speed up secret computations with insecure auxiliary devices. The two most important protocols enable a smart card to compute the secret RSA operation faster with the help of a server that is not necessarily trusted by the card holder. It was stated that if RSA is secure, the protocols could only be broken by exhaustive search in certain spaces. Our main attacks show that much smaller search spaces suffice. These attacks are passive and therefore undetectable. It was already known that one of the protocols is vulnerable to active attacks. We show that this holds for the other protocol, too. More importantly, we show that our attack may still work if the smart card checks the correctness of the result; this was previously believed to be an easy measure excluding all active attacks. Finally, we discuss attacks on related protocols. 1 Introduction 1.1 The Model Smart cards are often considered as appropriate for carrying ...
Educational Role Student ♦ Teacher
Age Range above 22 year
Educational Use Research
Education Level UG and PG ♦ Career/Technical Study
Learning Resource Type Article
Publisher Date 1992-01-01