From: Vitaly Chikunov <vt@altlinux.org> To: Open-source aspects of GOST Cryptography <oss-gost-crypto@lists.altlinux.org> Subject: [oss-gost-crypto] EC-RDSA and a key substitution attack Date: Tue, 4 Dec 2018 09:54:45 +0300 Message-ID: <20181204065445.gcaguhhvh7z6gajf@sole.flsd.net> (raw) Hi, В превью к ISO/IEC 14888-3:2018 сказано https://www.iso.org/obp/ui/#!iso:std:76382:en "NOTE 5 The mechanisms of EC-DSA, EC-GDSA. EC-RDSA and EC-FSDSA may be vulnerable to a key substitution attack[10]. The attack is realized if an adversary can find two distinct public keys and one signature such that the signature is valid for both public keys. There are several approaches of avoiding this attack and its possible impact on the security of a cryptographic system. For example, the public key corresponding to the private signing key can be added into the message to be signed." Где EC-RDSA это ГОСТ Р 34.10-2001 (а значит и 34.10-2012). На сколько эта атака актуальна для ГОСТа или это очередной наговор на российскую криптографию в стиле Н. Куртуа? Добавить signing key к message не сложно, но я исхожу из того, что этого делать не надо, так как в ГОСТе такого нет. Но если бы был рекомендованный метод формирования подписи с учетом этой атаки, то другое дело.
next reply other threads:[~2018-12-04 6:54 UTC|newest] Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-12-04 6:54 Vitaly Chikunov [this message] 2018-12-04 7:24 ` Vitaly Chikunov 2018-12-04 11:58 ` Paul Wolneykien 2018-12-05 7:35 ` Дмитрий Державин 2018-12-05 7:42 ` Vitaly Chikunov 2018-12-05 9:55 ` Дмитрий Державин 2018-12-05 11:37 ` Vitaly Chikunov
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20181204065445.gcaguhhvh7z6gajf@sole.flsd.net \ --to=vt@altlinux.org \ --cc=oss-gost-crypto@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
Open-source aspects of GOST Cryptography This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/oss-gost-crypto/0 oss-gost-crypto/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 oss-gost-crypto oss-gost-crypto/ http://lore.altlinux.org/oss-gost-crypto \ oss-gost-crypto@lists.altlinux.org oss-gost-crypto@lists.altlinux.ru oss-gost-crypto@lists.altlinux.com public-inbox-index oss-gost-crypto Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.oss-gost-crypto AGPL code for this site: git clone https://public-inbox.org/public-inbox.git