Security Analysis of ElGamal Implementations

Cited by: 3
Authors
El Laz, Mohamad [1]
Gregoire, Benjamin [1]
Rezk, Tamara [1]
Affiliations
[1] Inria Sophia Antipolis Mediterranee, Valbonne, France
Keywords
ElGamal; DDH Assumption; Quadratic Residues; Voting Systems; Message Encoding;
DOI
10.5220/0009817103100321
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Discipline classification code
0812;
Abstract
The ElGamal encryption scheme is not only the most extensively used alternative to RSA, but is also almost exclusively used in voting systems as an effective homomorphic encryption scheme. Being easily adaptable to a wide range of cryptographic groups, the ElGamal encryption scheme enjoys homomorphic properties while remaining semantically secure. This is subject to the upholding of the Decisional Diffie-Hellman (DDH) assumption on the chosen group. We analyze 26 libraries that implement the ElGamal encryption scheme and discover that 20 of them are semantically insecure as they do not respect the Decisional Diffie-Hellman (DDH) assumption. From the five libraries that do satisfy the DDH assumption, we identify and compare four different message encoding and decoding techniques.
Pages: 310 / 321
Number of pages: 12