Small subgroup confinement attack
From Wikipedia, the free encyclopedia
In cryptography, a subgroup confinement attack (or small subgroup confinement attack) on a cryptographic method that operates in a large finite group is where an attacker attempts to compromise the method by forcing a key to be confined to an unexpectedly small subgroup of the desired group.
Several methods have been found to be vulnerable to subgroup confinement attack, including some forms or applications of Diffie-Hellman key exchange and DH-EKE.
[edit] References
- P. C. van Oorschot, M. J. Wiener. On Diffie-Hellman Key Agreement with Short Exponents. Proceedings of Eurocrypt 96, Springer-Verlag, May 1996.
- D. Jablon. Strong Password-Only Authenticated Key Exchange. Computer Communication Review, ACM SIGCOMM, vol. 26, no. 5, pp. 5-26, October 1996.
- C.H. Lim and P.J. Lee. A key recovery attack on discrete log-based schemes using a prime order subgroup. In Advances in Cryptology – Crypto ’97, volume 1294 of Lecture Notes in Computer Science, pages 249–263. Springer-Verlag, 1997.