On the (In)Security of ElGamal in OpenPGP

Cited by: 0
Authors
De Feo, Luca [1]
Poettering, Bertram [1]
Sorniotti, Alessandro [1]
Affiliation
[1] IBM Res Europe, Zurich, Switzerland
Keywords
EXPONENTIATION; ATTACKS;
DOI
10.1145/3592835
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
Roughly four decades ago, Taher ElGamal put forward what is today one of the most widely known and best understood public key encryption schemes. ElGamal encryption has been used in many different contexts, chiefly among them by the OpenPGP email encryption standard. Despite its simplicity, or perhaps because of it, in reality there is a large degree of ambiguity on several key aspects of the cipher. Each library in the OpenPGP ecosystem seems to have implemented a slightly different "flavor" of ElGamal encryption. While, taken in isolation, each implementation may be secure, we reveal that in the interoperable world of OpenPGP, unforeseen cross-configuration attacks become possible. Concretely, we propose different such attacks and show their practical efficacy by recovering plaintexts and even secret keys.
Pages: 107 / 115
Number of pages: 9