Застосування медового шифрування до схеми цифрового підпису Шнорра
Loading...
Date
2021
Authors
Олійник, Марія
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Стійкість криптосистем значною мірою залежить від надійності захисту секретних ключів, які в них використовуються. Зокрема, процедура генерування останніх повинна повертати достатньо різноманітні ключі, щоб їх не можна було підібрати за допомогою атаки повного перебору (brute-force attack). Медове шифрування використовують як додатковий бар’єр захисту ключів криптосистем для сповільнення атаки повного перебору. Як і для "криптографії білої скриньки" (White box cryptography), існують різні схеми медового шифрування залежно від того, на що спрямовано додатковий захист. Потреба додатково захищати таємні ключі виникає у системах віддаленого доступу, у контексті надання доступу до інформації авторизованим користувачам. У цій статті побудовано схеми додаткового захисту ключів системи цифрового підпису Шнорра, наведено псевдокод відповідних алгоритмів, проаналізовано складність атаки повним перебором.
The security of any cryptosystem mostly depends on the reliability of the protection of secret keys used in it. In particular, key generation procedure must give a variety of keys so that they cannot be picked up by a brute-force attack. Honey encryption is used as an additional barrier of cryptosystems’ keys protection to slow down a brute-force attack. As in the case of " white box cryptography", different honey encryption schemes are considered depending on what the additional protection is aimed at. The need to additionally protect secret keys arises in remote access systems, when it is necessary to provide access to information to authorized users. The idea of encryption, which would provide adequate additional protection, is to build a system so that the attacker will not be able to recover the original text, even after searching through all possible options for passwords or keys. Based on the concept of lure systems, this system outputs messages that are difficult to distinguish from the true ones. Such messages are called, it honey, which, like the sweet substance, but in computer security terminology, “ drag ” the opponent into a dead end. This article constructs schemes for additional key protection of the Schnorr Signature Scheme, describes the pseudocodes of the corresponding algorithms, analyzes the complexity of a brute-force attack. This scheme requires additional protection against the a secret key because storing it in the open is unreliable. With the proposed encryption algorythm, we can “hide” a into a sequence of integers, and extract it back with the proposed decryption algorythm. If the sequence is entered by an attacker and does not contain a masked number a, decryption algorythm will return the result of multiplying the last number by the inverse q to the first prime number, if any, in the set, or the penultimate number in the set. Therefore, when trying to artificially pick up a secret key by a brute-force attack, the attacker will get a number similar to a but which he will not be able to use when trying to forge Alice’s signature.
The security of any cryptosystem mostly depends on the reliability of the protection of secret keys used in it. In particular, key generation procedure must give a variety of keys so that they cannot be picked up by a brute-force attack. Honey encryption is used as an additional barrier of cryptosystems’ keys protection to slow down a brute-force attack. As in the case of " white box cryptography", different honey encryption schemes are considered depending on what the additional protection is aimed at. The need to additionally protect secret keys arises in remote access systems, when it is necessary to provide access to information to authorized users. The idea of encryption, which would provide adequate additional protection, is to build a system so that the attacker will not be able to recover the original text, even after searching through all possible options for passwords or keys. Based on the concept of lure systems, this system outputs messages that are difficult to distinguish from the true ones. Such messages are called, it honey, which, like the sweet substance, but in computer security terminology, “ drag ” the opponent into a dead end. This article constructs schemes for additional key protection of the Schnorr Signature Scheme, describes the pseudocodes of the corresponding algorithms, analyzes the complexity of a brute-force attack. This scheme requires additional protection against the a secret key because storing it in the open is unreliable. With the proposed encryption algorythm, we can “hide” a into a sequence of integers, and extract it back with the proposed decryption algorythm. If the sequence is entered by an attacker and does not contain a masked number a, decryption algorythm will return the result of multiplying the last number by the inverse q to the first prime number, if any, in the set, or the penultimate number in the set. Therefore, when trying to artificially pick up a secret key by a brute-force attack, the attacker will get a number similar to a but which he will not be able to use when trying to forge Alice’s signature.
Description
Keywords
медове шифрування, стійкість, схема цифрового підпису Шнорра, стаття, honey encryption, security, Schnorr Signature Scheme
Citation
Олійник М. А. Застосування медового шифрування до схеми цифрового підпису Шнорра / Олійник М. А. // Могилянський математичний журнал. - 2021. - Т. 4. - С. 3-6. - https://doi.org/10.18523/2617-7080420213-6