One of the purported advantages of the elliptic curve cryptosystem proposed by Demytko in 1993 is resistance to signature forgery under a chosen message attack. Based on a similar result by Bleichenbacheret al. on the LUC cryptosystem, this purported advantage is shown not to hold.
This is a preview of subscription content, log in to check access.
Buy single article
Instant access to the full article PDF.
Price includes VAT for USA
D. Bleichenbacher, W. Bosma, and A. K. Lenstra. Some remarks on Lucas-based cryptosystems, in D. Coppersmith, editor,Advances in Cryptology—Crypto '95. Springer-Verlag, New York, 1995, pp. 386–396.
N. Demytko, A new elliptic curve based analogue of RSA, in T. Helleseth, editor,Advances in Cryptology—Eurocrypt '93, Springer-Verlag, New York, pp. 40–49.
N. Koblitz, Elliptic curve cryptosystems,Mathematics of Computation, vol. 48 (1987), pp. 203–209.
K. Koyama, U. M. Maurer, T. Okamoto, and S. A. Vanstone, New public-key schemes based on elliptic curves over the ringZ n , in J. Feigenbaum, editor,Advances in Cryptology—Crypto '91, Springer-Verlag, New York, 1994, pp. 252–266.
K. Kurosawa, K. Okada, and S. Tsujii, Low exponent attack against elliptic curve RSA, in J. Pieprzyk and R. Safavi-Naini, editorsAdvances in Cryptology—Asiacrypt '94, Springer-Verlag, New York, 1995, pp. 376–383.
V. S. Miller, Use of elliptic curves in cryptography, in H. C. Williams, editor,Advances in Cryptology—Crypto '85, Springer-Verlag, New York, 1986, pp. 417–426.
P. L. Montgomery, Speeding the Pollard and elliptic curve methods of factorization,Mathematics of Computation, vol. 48, no. 177 (1987), pp. 243–264.
R. L. Rivest, A. Shamir, and L. Adleman, A method for obtaining digital signatures and public-key cryptosystems,Communications of the ACM, vol. 21, no. 2 (1978), pp. 120–126.
Communicated by Ueli M. Maurer.
About this article
Cite this article
Kaliski, B.S. A chosen message attack on Demytko’s elliptic curve cryptosystem. J. Cryptology 10, 71–72 (1997). https://doi.org/10.1007/s001459900020
- Elliptic curves
- Chosen message attack
- Demytko’s cryptosystem
- Signature forgery