Pyrae

April 25th, 2003, 11:18

Hi there,

I've got some (plenty to be honest ) questions regarding DSA-based protection schemes,

where p (1024 bit), g, y, and q (160 bit) are known.

1. Forging

In some earlier thread someone mentioned that forging a valid

signature might have been possible in a similar case.

What does "forging" in this context mean?

Is it trying to brute-force x by trying values below q or is it

something about more sophisticated cryptanalysis?

2. Solving the DLP

Is solving the DLP in such cases feasible or will the sun burn out

prior to a getting a result?

If it is, which algos would be most promising (Pollard-Rho, Index-Calculus)?

Are there any public sources (might be maple, mathematica etc. aswell)

for those (it's no fun spending a month writing the whole stuff yourself

just for probably achieving no result ) or are the gurus keeping that code for themselves?

'nuff questions for now and thanks for reading,

Pyrae

I've got some (plenty to be honest ) questions regarding DSA-based protection schemes,

where p (1024 bit), g, y, and q (160 bit) are known.

1. Forging

In some earlier thread someone mentioned that forging a valid

signature might have been possible in a similar case.

What does "forging" in this context mean?

Is it trying to brute-force x by trying values below q or is it

something about more sophisticated cryptanalysis?

2. Solving the DLP

Is solving the DLP in such cases feasible or will the sun burn out

prior to a getting a result?

If it is, which algos would be most promising (Pollard-Rho, Index-Calculus)?

Are there any public sources (might be maple, mathematica etc. aswell)

for those (it's no fun spending a month writing the whole stuff yourself

just for probably achieving no result ) or are the gurus keeping that code for themselves?

'nuff questions for now and thanks for reading,

Pyrae