Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

A cautionary note: Side-channel leakage implications of deterministic signature schemes

: Seuschek, H.; Heyszl, J.; Santis, F. de


Association for Computing Machinery -ACM-:
CS2 2016, Third Workshop on Cryptography and Security in Computing Systems : Prague, Czech Republic, January 20, 2016
New York: ACM, 2016
ISBN: 978-1-4503-4065-6
Workshop on Cryptography and Security in Computing Systems (CS2) <3, 2016, Prague>
Fraunhofer AISEC ()

Two recent proposals by Bernstein and Pornin emphasize the use of deterministic signatures in DSA and its elliptic curve-based variants. Deterministic signatures derive the required ephemeral key value in a deterministic manner from the message to be signed and the secret key instead of using random number generators. The goal is to prevent severe security issues, such as the straight-forward secret key recovery from low quality random numbers. Recent developments have raised skepticism whether e.g. embedded or pervasive devices are able to generate randomness of sufficient quality. The main concerns stem from individual implementations lacking sufficient entropy source and standardized methods for random number generation with suspected back doors. While we support the goal of deterministic signatures, we are concerned about the fact that this has a significant influence on side-channel security of implementations.