On the (In)Security of ElGamal in OpenPGP

Cited by: 0
Authors
De Feo, Luca [1]
Poettering, Bertram [1]
Sorniotti, Alessandro [1]
Affiliation
[1] IBM Res Europe, Zurich, Switzerland
Keywords
EXPONENTIATION; ATTACKS;
DOI
10.1145/3592835
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Subject classification code
0812 ;
Abstract
Roughly four decades ago, Taher ElGamal put forward what is today one of the most widely known and best understood public key encryption schemes. ElGamal encryption has been used in many different contexts, chiefly among them by the OpenPGP email encryption standard. Despite its simplicity, or perhaps because of it, in reality there is a large degree of ambiguity on several key aspects of the cipher. Each library in the OpenPGP ecosystem seems to have implemented a slightly different "flavor" of ElGamal encryption. While, taken in isolation, each implementation may be secure, we reveal that in the interoperable world of OpenPGP, unforeseen cross-configuration attacks become possible. Concretely, we propose different such attacks and show their practical efficacy by recovering plaintexts and even secret keys.
Pages: 107 - 115
Number of pages: 9