Abstract
Here we present the polynomial-time algorithm of [417] which recovers theprivate keyof the signer if a small portion of bits of the so-callednoncein the Digital Signature Algorithm modulo a primepis known forEquationSource$$ \[{\rm O}\left( {{{\log }^{1/2}}p} \right)\] $$signatures.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer Basel AG
About this chapter
Cite this chapter
Shparlinski, I. (2003). The Insecurity of the Digital Signature Algorithm with Partially Known Nonces. In: Shparlinski, I. (eds) Cryptographic Applications of Analytic Number Theory. Progress in Computer Science and Applied Logic, vol 22. Birkhäuser, Basel. https://doi.org/10.1007/978-3-0348-8037-4_17
Download citation
DOI: https://doi.org/10.1007/978-3-0348-8037-4_17
Publisher Name: Birkhäuser, Basel
Print ISBN: 978-3-0348-9415-9
Online ISBN: 978-3-0348-8037-4
eBook Packages: Springer Book Archive