Strong adaptive chosen-ciphertext attacks with memory dump (or: The importance of the order of decryption and validation)

Seungjoo Kim; Jung Hee Cheon; Marc Joye; Seongan Lim; Masahiro Mambo; Dongho Won; Yuliang Zheng

doi:10.1007/3-540-45325-3_11

Strong adaptive chosen-ciphertext attacks with memory dump (or: The importance of the order of decryption and validation)

Seungjoo Kim, Jung Hee Cheon, Marc Joye, Seongan Lim, Masahiro Mambo, Dongho Won, Yuliang Zheng

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

This paper presents a new type of powerful cryptanalytic attacks on public-key cryptosystems, extending the more commonly studied adaptive chosen-ciphertext attacks. In the new attacks, an adversary is not only allowed to submit to a decryption oracle (valid or invalid) ciphertexts of her choice, but also to emit a “dump query” prior to the completion of a decryption operation. The dump query returns intermediate results that have not been erased in the course of the decryption operation, whereby allowing the adversary to gain vital advantages in breaking the cryptosystem. We believe that the new attack model approximates more closely existing security systems. We examine its power by demonstrating that most existing public-key cryptosystems, including OAEP-RSA, are vulnerable to our extended attacks.

Original language	English
Title of host publication	Cryptography and Coding - 8th IMA International Conference, Proceedings
Editors	Bahram Honary, Bahram Honary
Publisher	Springer Verlag
Pages	114-127
Number of pages	14
ISBN (Print)	3540430261, 9783540430261
DOIs	https://doi.org/10.1007/3-540-45325-3_11
Publication status	Published - 2001
Externally published	Yes
Event	8th IMA International Conference on Cryptography and Coding, 2001 - Cirencester, United Kingdom Duration: 2001 Dec 17 → 2001 Dec 19

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	2260
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	8th IMA International Conference on Cryptography and Coding, 2001
Country/Territory	United Kingdom
City	Cirencester
Period	01/12/17 → 01/12/19

Keywords

Chosen-ciphertext security
Ciphertext validity
ElGamal encryption
Encryption
OAEP-RSA
Provable security

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/3-540-45325-3_11

Cite this

Kim, S., Cheon, J. H., Joye, M., Lim, S., Mambo, M., Won, D., & Zheng, Y. (2001). Strong adaptive chosen-ciphertext attacks with memory dump (or: The importance of the order of decryption and validation). In B. Honary, & B. Honary (Eds.), Cryptography and Coding - 8th IMA International Conference, Proceedings (pp. 114-127). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2260). Springer Verlag. https://doi.org/10.1007/3-540-45325-3_11

Strong adaptive chosen-ciphertext attacks with memory dump (or: The importance of the order of decryption and validation). / Kim, Seungjoo; Cheon, Jung Hee; Joye, Marc et al.
Cryptography and Coding - 8th IMA International Conference, Proceedings. ed. / Bahram Honary; Bahram Honary. Springer Verlag, 2001. p. 114-127 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2260).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kim, S, Cheon, JH, Joye, M, Lim, S, Mambo, M, Won, D & Zheng, Y 2001, Strong adaptive chosen-ciphertext attacks with memory dump (or: The importance of the order of decryption and validation). in B Honary & B Honary (eds), Cryptography and Coding - 8th IMA International Conference, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 2260, Springer Verlag, pp. 114-127, 8th IMA International Conference on Cryptography and Coding, 2001, Cirencester, United Kingdom, 01/12/17. https://doi.org/10.1007/3-540-45325-3_11

Kim S, Cheon JH, Joye M, Lim S, Mambo M, Won D et al. Strong adaptive chosen-ciphertext attacks with memory dump (or: The importance of the order of decryption and validation). In Honary B, Honary B, editors, Cryptography and Coding - 8th IMA International Conference, Proceedings. Springer Verlag. 2001. p. 114-127. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/3-540-45325-3_11

Kim, Seungjoo ; Cheon, Jung Hee ; Joye, Marc et al. / Strong adaptive chosen-ciphertext attacks with memory dump (or : The importance of the order of decryption and validation). Cryptography and Coding - 8th IMA International Conference, Proceedings. editor / Bahram Honary ; Bahram Honary. Springer Verlag, 2001. pp. 114-127 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{e9413308148f4ccbb29d31c60ee7ecee,

title = "Strong adaptive chosen-ciphertext attacks with memory dump (or: The importance of the order of decryption and validation)",

abstract = "This paper presents a new type of powerful cryptanalytic attacks on public-key cryptosystems, extending the more commonly studied adaptive chosen-ciphertext attacks. In the new attacks, an adversary is not only allowed to submit to a decryption oracle (valid or invalid) ciphertexts of her choice, but also to emit a “dump query” prior to the completion of a decryption operation. The dump query returns intermediate results that have not been erased in the course of the decryption operation, whereby allowing the adversary to gain vital advantages in breaking the cryptosystem. We believe that the new attack model approximates more closely existing security systems. We examine its power by demonstrating that most existing public-key cryptosystems, including OAEP-RSA, are vulnerable to our extended attacks.",

keywords = "Chosen-ciphertext security, Ciphertext validity, ElGamal encryption, Encryption, OAEP-RSA, Provable security",

author = "Seungjoo Kim and Cheon, {Jung Hee} and Marc Joye and Seongan Lim and Masahiro Mambo and Dongho Won and Yuliang Zheng",

note = "Publisher Copyright: {\textcopyright} Springer-Verlag Berlin Heidelberg 2001.; 8th IMA International Conference on Cryptography and Coding, 2001 ; Conference date: 17-12-2001 Through 19-12-2001",

year = "2001",

doi = "10.1007/3-540-45325-3_11",

language = "English",

isbn = "3540430261",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "114--127",

editor = "Bahram Honary and Bahram Honary",

booktitle = "Cryptography and Coding - 8th IMA International Conference, Proceedings",

}

TY - GEN

T1 - Strong adaptive chosen-ciphertext attacks with memory dump (or

T2 - 8th IMA International Conference on Cryptography and Coding, 2001

AU - Kim, Seungjoo

AU - Cheon, Jung Hee

AU - Joye, Marc

AU - Lim, Seongan

AU - Mambo, Masahiro

AU - Won, Dongho

AU - Zheng, Yuliang

N1 - Publisher Copyright: © Springer-Verlag Berlin Heidelberg 2001.

PY - 2001

Y1 - 2001

N2 - This paper presents a new type of powerful cryptanalytic attacks on public-key cryptosystems, extending the more commonly studied adaptive chosen-ciphertext attacks. In the new attacks, an adversary is not only allowed to submit to a decryption oracle (valid or invalid) ciphertexts of her choice, but also to emit a “dump query” prior to the completion of a decryption operation. The dump query returns intermediate results that have not been erased in the course of the decryption operation, whereby allowing the adversary to gain vital advantages in breaking the cryptosystem. We believe that the new attack model approximates more closely existing security systems. We examine its power by demonstrating that most existing public-key cryptosystems, including OAEP-RSA, are vulnerable to our extended attacks.

AB - This paper presents a new type of powerful cryptanalytic attacks on public-key cryptosystems, extending the more commonly studied adaptive chosen-ciphertext attacks. In the new attacks, an adversary is not only allowed to submit to a decryption oracle (valid or invalid) ciphertexts of her choice, but also to emit a “dump query” prior to the completion of a decryption operation. The dump query returns intermediate results that have not been erased in the course of the decryption operation, whereby allowing the adversary to gain vital advantages in breaking the cryptosystem. We believe that the new attack model approximates more closely existing security systems. We examine its power by demonstrating that most existing public-key cryptosystems, including OAEP-RSA, are vulnerable to our extended attacks.

KW - Chosen-ciphertext security

KW - Ciphertext validity

KW - ElGamal encryption

KW - Encryption

KW - OAEP-RSA

KW - Provable security

UR - http://www.scopus.com/inward/record.url?scp=84946837352&partnerID=8YFLogxK

U2 - 10.1007/3-540-45325-3_11

DO - 10.1007/3-540-45325-3_11

M3 - Conference contribution

AN - SCOPUS:84946837352

SN - 3540430261

SN - 9783540430261

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 114

EP - 127

BT - Cryptography and Coding - 8th IMA International Conference, Proceedings

A2 - Honary, Bahram

PB - Springer Verlag

Y2 - 17 December 2001 through 19 December 2001

ER -

Strong adaptive chosen-ciphertext attacks with memory dump (or: The importance of the order of decryption and validation)

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this