User impersonation in key certification schemes |
| |
Authors: | Arjen K. Lenstra Yacov Yacobi |
| |
Affiliation: | (1) Bellcore, 445 South Street, 07960 Morristown, NJ, USA |
| |
Abstract: | In this note we exhibit some weaknesses in two key certification schemes. We show how a legitimate user can impersonate any other user in an ElGamal-based certification scheme, even if hashing is applied first. Furthermore, we show how anybody can impersonate users of the modular square root key certification scheme, if no hashing occurs before the certification. This shows that it is essential for this certification scheme to hash a message before signing it. |
| |
Keywords: | Public key Key certification Certification authority |
本文献已被 SpringerLink 等数据库收录! |