Results 1 
6 of
6
Generating ElGamal signatures without knowing the secret key
, 1996
"... . We present a new method to forge ElGamal signatures if the public parameters of the system are not chosen properly. Since the secret key is hereby not found this attack shows that forging ElGamal signatures is sometimes easier than the underlying discrete logarithm problem. 1 Introduction ElGamal ..."
Abstract

Cited by 38 (0 self)
 Add to MetaCart
. We present a new method to forge ElGamal signatures if the public parameters of the system are not chosen properly. Since the secret key is hereby not found this attack shows that forging ElGamal signatures is sometimes easier than the underlying discrete logarithm problem. 1 Introduction ElGamal's digital signature scheme [4] relies on the difficulty of computing discrete logarithms in the multiplicative group IF p and can therefore be broken if the computation of discrete logarithms is feasible. However, the converse has never been proved. In this paper we show that it is sometimes possible to forge signatures without breaking the underlying discrete logarithm problem. This shows that the ElGamal signature scheme and some variants of the scheme must be used very carefully. The paper is organized as follows. Section 2 describes the ElGamal signature scheme. In Section 3 we present a method to forge signatures if some additional information on the generator is known. We show that...
Classification of Blind Signature Schemes and Examples of Hidden and Weak Blind Signatures
, 1994
"... We introduce four classes of blind signatures: the hidden, the weak blind, the interactive blind and the strong blind signatures. Then we give examples of hidden ElGamalsignatures and weak blind signature schemes with message recovery which were developed from the ideas of Nyberg and Rueppel's sign ..."
Abstract

Cited by 6 (1 self)
 Add to MetaCart
We introduce four classes of blind signatures: the hidden, the weak blind, the interactive blind and the strong blind signatures. Then we give examples of hidden ElGamalsignatures and weak blind signature schemes with message recovery which were developed from the ideas of Nyberg and Rueppel's signature scheme. 1. Introduction The concept of blind signature schemes has been proposed by David Chaum in 1982 [Chau82]. Since then there have been many efforts to construct blind signature schemes. They can be used in many applications like pseudonymous credentials, electronic cash or anonymous access control [Chau85, Bran93, CaPS94]. In all cases the security of the protocols is considered at the moment when the notary signs the document. It wasn't necessary to check, that the signature keeps it's anonymity when it is presented later to the notary who can store the signature parameters of all signed documents. This new aspect leads to a classification in our case, because all of our propos...
Signature Scheme for Controlled Environments
 In: Proceedings of Information and Communications Security (ICICS’99), LNCS 1726
, 1999
"... We propose a signature system that will be very useful for controlled environments, like corporate networks, where regulation of signatures generated using the certified public/private key pairs is essential. We then demonstrate the usefulness of the system by extending it to realise a proxy signatu ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
We propose a signature system that will be very useful for controlled environments, like corporate networks, where regulation of signatures generated using the certified public/private key pairs is essential. We then demonstrate the usefulness of the system by extending it to realise a proxy signature system with revocable delegation.
Fully SelfOrganized PeertoPeer Key Management for Mobile Ad Hoc
"... Mobile ad hoc networks (MANETs) offer communication over a shared wireless channel without any preexisting infrastructure. Forming peertopeer security associations in MANETs is more challenging than in conventional networks due to the lack of central authority. The main contribution of this paper ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
Mobile ad hoc networks (MANETs) offer communication over a shared wireless channel without any preexisting infrastructure. Forming peertopeer security associations in MANETs is more challenging than in conventional networks due to the lack of central authority. The main contribution of this paper is a low complexity key management scheme that is suitable for fully selforganized MANETs. The proposed peertopeer key management scheme uses subordinate public keys and cryptobased identifiers to eliminate any form of trusted third party. Nodes can create, disseminate and revocate their own keying material with low communication and computational overhead. We show how localized certificate exchanges on the network layer can be used to break the routingsecurity interdependence cycle without degrading the performance of the network. Our proposed solution is also generic since it can be deployed in any “open ” mobile wireless network with symmetric or asymmetric encryption.
Generating ElGamal signatures without knowing the secret key
, 1996
"... . We present a new method to forge ElGamal signatures if the public parameters of the system are not chosen properly. Since the secret key is hereby not found this attack shows that forging ElGamal signatures is sometimes easier than the underlying discrete logarithm problem. 1 Introduction El ..."
Abstract
 Add to MetaCart
. We present a new method to forge ElGamal signatures if the public parameters of the system are not chosen properly. Since the secret key is hereby not found this attack shows that forging ElGamal signatures is sometimes easier than the underlying discrete logarithm problem. 1 Introduction ElGamal's digital signature scheme [4] relies on the difficulty of computing discrete logarithms in the multiplicative group IF p and can therefore be broken if the computation of discrete logarithms is feasible. However, the converse has never been proved. In this paper we show that it is sometimes possible to forge signatures without breaking the underlying discrete logarithm problem. This shows that the ElGamal signature scheme and some variants of the scheme must be used very carefully. The paper is organized as follows. Section 2 describes the ElGamal signature scheme. In Section 3 we present a method to forge signatures if some additional information on the generator is known. We show ...
A Survey of Elliptic Curve Cryptosystems, Part I: Introductory
, 2003
"... The theory of elliptic curves is a classical topic in many branches of algebra and number theory, but recently it is receiving more attention in cryptography. An elliptic curve is a twodimensional (planar) curve defined by an equation involving a cubic power of coordinate x and a square power of co ..."
Abstract
 Add to MetaCart
The theory of elliptic curves is a classical topic in many branches of algebra and number theory, but recently it is receiving more attention in cryptography. An elliptic curve is a twodimensional (planar) curve defined by an equation involving a cubic power of coordinate x and a square power of coordinate y. One class of these curves is