About this article
Published Online: Mar 23, 2018
Page range: 119 - 138
Received: Sep 29, 2016
DOI: https://doi.org/10.1515/tmmp-2017-0022
Keywords
© 2018
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License.
The generalized key substitution attacks were proposed as a generalization of the key substitution attacks to examine the security of the signature schemes adopted in ISO/IEC (1st CD) 14888-3, which standardizes appendix- -type signature schemes based on the discrete logarithm problem. This paper examines the message recovery signature schemes based on the discrete logarithm problem, adopted in ISO/IEC 9796-3:2006, and shows that all but one scheme are vulnerable to the generalized key substitution attacks.