Small subgroup confinement attack

From Wikipedia, the free encyclopedia
Jump to: navigation, search

In cryptography, a subgroup confinement attack (or small subgroup confinement attack) on a cryptographic method that operates in a large finite group is where an attacker attempts to compromise the method by forcing a key to be confined to an unexpectedly small subgroup of the desired group.

Several methods have been found to be vulnerable to subgroup confinement attack, including some forms or applications of Diffie-Hellman key exchange and DH-EKE.


  • P. C. van Oorschot, M. J. Wiener. (May 1996). "On Diffie-Hellman key agreement with short exponents". Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques. Eurocrypt. Saragossa, Spain: Springer-Verlag. pp. 332–343. ISBN 3-540-61186-X. 
  • D. Jablon (October 1996). "Strong Password-Only Authenticated Key Exchange". Computer Communication Review, ACM SIGCOMM. 26 (5): 5–26. doi:10.1145/242896.242897. 
  • C.H. Lim and P.J. Lee. (1998). "A key recovery attack on discrete log-based schemes using a prime order subgroup". Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology. CRYPTO . Springer-Verlag. pp. 249–263. ISBN 3-540-63384-7.