A short comment on the affine parts of SFLASHv3


In [3] SFLASH is presented, which supersedes SFLASH, one of the digital signature schemes in the NESSIE Portfolio of recommended cryptographic primitives [2]. We show that a known attack against the affine parts of SFLASH and SFLASH carries over immediately to the new version SFLASH: The 861 bit representing the affine parts of the secret key can easily be… (More)


Cite this paper

@article{Geiselmann2003ASC, title={A short comment on the affine parts of SFLASHv3}, author={Willi Geiselmann and Rainer Steinwandt}, journal={IACR Cryptology ePrint Archive}, year={2003}, volume={2003}, pages={220} }