Generalized attack on ECDSA: known bits in arbitrary positions

This work focuses on the generalized model of known bits in ECDSA nonces. We start from recovering the secret key from the middle bits of the nonce, and extend the attack to the situation that multiple bit chunks are known in arbitrary positions, then translate the information into the extended hidd...

Full description

Saved in:
Bibliographic Details
Published in:Designs, codes, and cryptography codes, and cryptography, 2023-11, Vol.91 (11), p.3803-3823
Main Authors: Cao, Jinzheng, Weng, Jian, Pan, Yanbin, Cheng, Qingfeng
Format: Article
Language:English
Subjects:
Coding and Information Theory
Computer Science
Cryptology
Discrete Mathematics in Computer Science
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This work focuses on the generalized model of known bits in ECDSA nonces. We start from recovering the secret key from the middle bits of the nonce, and extend the attack to the situation that multiple bit chunks are known in arbitrary positions, then translate the information into the extended hidden number problem. The new attack generalizes the lattice-based side-channel attacks on ECDSA, and enables the attacker to recover the key from bit leakage scenarios that conventional models can not process. We perform simulations and experiments to verify the theoretical estimations about the effectiveness of the attack.
ISSN:0925-1022
1573-7586
DOI:10.1007/s10623-023-01269-7