Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
139 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
46 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Attacking the Diebold Signature Variant -- RSA Signatures with Unverified High-order Padding (2403.01048v2)

Published 2 Mar 2024 in cs.CR

Abstract: We examine a natural but improper implementation of RSA signature verification deployed on the widely used Diebold Touch Screen and Optical Scan voting machines. In the implemented scheme, the verifier fails to examine a large number of the high-order bits of signature padding and the public exponent is three. We present an very mathematically simple attack that enables an adversary to forge signatures on arbitrary messages in a negligible amount of time.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (15)
  1. D. Bleichenbacher. RSA signature forgery based on implementation error. Advances in Cryptology – CRYPTO ’06, Rump session, August 2006. Available at http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html.
  2. Cryptanalysis of RSA signatures with fixed-pattern padding. In Advances in Cryptology – CRYPTO ’01, volume 2139, pages 433–439. Springer-Verlag, 2001.
  3. On the security of RSA padding. In Advances in Cryptology – CRYPTO ’99, volume 1666, pages 1–18. Springer-Verlag, 1999.
  4. W. de Jonge and D. Chaum. Attacks on some RSA signatures. In Advances in Cryptology – CRYPTO ’85, volume 218, pages 18–27. Springer-Verlag, 1986.
  5. Y. Desmedt and A. M. Odlyzko. A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes. In Advances in Cryptology – CRYPTO ’85, volume 218, pages 516–522. Springer-Verlag, 1986.
  6. Security analysis of the diebold accuvote-ts voting machine. In USENIX/ACCURATE Electronic Voting Technology Workshop – EVT ’07, 2007.
  7. Software review and security analysis of the diebold voting machine software, supplemental report. Technical report, Florida Department of State, August 2007.
  8. Software review and security analysis of the diebold voting machine software. Technical report, Florida Department of State, July 2007.
  9. M. Girault and J.-F. Misarsky. Selective forgery of RSA signatures using redundancy. In Advances in Cryptology - EUROCRYPT ’97, volume 1233, pages 495–508. Springer-Verlag, 1997.
  10. H. Hursti. Critical security issues the diebold optical scan design, July 2005. Available at http://www.blackboxvoting.org/BBVreport.pdf.
  11. H. Hursti. Diebold tsx evaluation: Critical security issues with diebold tsx, May 2006. Available at http://www.blackboxvoting.org/BBVreportIIunredacted.pdf.
  12. A. K. Lenstra and I. Shparlinski. Selective forgery of RSA signatures with fixed-pattern padding. In Practice and Theory in Public Key Cryptosystems – PKC ’02, volume 2274, pages 228–236. Springer-Verlag, 2002.
  13. On the security of some variants of the RSA signature scheme. In European Symposium on Research in Computer Security – ESORICS ’98, volume 1485, pages 85–96. Springer-Verlag, 1998.
  14. J.-F. Misarsky. A multiplicative attack using LLL algorithm on RSA signatures with redundancy. In Advances in Cryptology – CRYPTO ’97, volume 1294, pages 221–234. Springer-Verlag, 1997.
  15. Security analysis of the diebold accubasic interpreter. Technical report, Voting Systems Technology Assessment Advisory Board, Office of the Secretary of State of California, February 2006.
Citations (1)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now