Skip to Main content Skip to Navigation
Conference papers

Recovering Private Keys Generated with Weak PRNGs

Abstract : Suppose that the private key of discrete logarithm-based or factoring-based public-key primitive is obtained by concatenating the outputs of a linear congruential generator. How seriously is the scheme weakened as a result? While linear congruential generators are cryptographically very weak "pseudorandom" number generators, the answer to that question is not immediately obvious, since an adversary in such a setting does not get to examine the outputs of the congruential generator directly, but can only obtain an implicit hint about them—namely the public key. In this paper, we take a closer look at that problem, and show that, in most cases, an attack does exist to retrieve the key much faster than with a naive exhaustive search on the seed of the generator.
Document type :
Conference papers
Complete list of metadata

Cited literature [26 references]  Display  Hide  Download
Contributor : Pierre-Alain Fouque Connect in order to contact the contributor
Submitted on : Friday, December 12, 2014 - 9:20:46 AM
Last modification on : Thursday, August 4, 2022 - 5:28:54 PM
Long-term archiving on: : Friday, March 13, 2015 - 10:20:50 AM


Files produced by the author(s)



Pierre-Alain Fouque, Mehdi Tibouchi, Jean-Christophe Zapalowicz. Recovering Private Keys Generated with Weak PRNGs. Cryptography and Coding - 14th International Conference, Dec 2013, Oxford, United Kingdom. pp.158 - 172, ⟨10.1007/978-3-642-45239-0_10⟩. ⟨hal-01094296⟩



Record views


Files downloads