Welcome to the resource topic for 2007/320

Title:
On the Big Gap Between |p| and |q| in DSA

Authors: Zhengjun Cao

We introduce a message attack against DSA and show that the security of DSA is indeed reduced to the following problem, i.e., find \theta\in \mathbb{Z}_q^* such that\ \centerline{z=(\hat g^{\theta} \,\mbox{mod}\, p)\, \mbox{mod}\, q }\ where \mbox{Ord}_p(\hat g)=q and z\in \mathbb{Z}_q^* is randomly chosen by the adversary. Compared with the common key-only attack, i.e., find x\in \mathbb{Z}_q^* such that\ \centerline{ y= g^x \,\mbox{mod}\, p}\ the message attack is more effective because of the big gap between |p| (1024-bit) and |q| (160-bit).

ePrint: https://eprint.iacr.org/2007/320

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .