Signature schemes based on the strong RSA assumption

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Signature schemes based on the strong RSA assumption

Full text

Pdf (169 KB)

Source

ACM Transactions on Information and System Security (TISSEC) archive
Volume 3 , Issue 3 (August 2000) table of contents

Pages: 161 - 185

Year of Publication: 2000

ISSN:1094-9224

Authors

Ronald Cramer	Aarhus Univ., Aarhus, Denmark
Victor Shoup	IBM Zurich Research Lab, Zurich, Switzerland

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 12, Downloads (12 Months): 106, Citation Count: 18

Additional Information:

abstract references cited by index terms review collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/357830.357847 What is a DOI?

ABSTRACT

We describe and analyze a new digital signature scheme. The new scheme is quite efficient, does not require the signer to maintain any state, and can be proven secure against adaptive chosen message attack under a reasonable intractability assumption, the so-called strong RSA assumption. Moreover, a hash function can be incorporated into the scheme in such a way that it is also secure in the random oracle model under the standard RSA assumption.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Eric Bach , Jeffrey Shallit, Algorithmic number theory, MIT Press, Cambridge, MA, 1996
	2	BARIC, N. AND PFITZMANN, B. 1997. Collision-free accumulators and fail-stop signature schemes without trees. In Proceedings of the Conference on Advances in Cryptology (EUROCRYPT'97, Berlin, Germany), W. Fumy, Ed. Springer-Verlag, New York, NY, 480-494.
	3	BATEMAN, P. AND HORN, R. 1962. A heuristic asymptotic formula concerning the distribution of prime numbers. Math. Comput. 16, 363-367.
	4	BATEMAN, P. AND HORN, R. 1965. Primes represented by irreducible polynomials in one variable. In Proceedings of the Symposium on Pure Mathematics . 119-135.
	5	Mihir Bellare , Phillip Rogaway, Random oracles are practical: a paradigm for designing efficient protocols, Proceedings of the 1st ACM conference on Computer and communications security, p.62-73, November 03-05, 1993, Fairfax, Virginia, United States [doi>10.1145/168588.168596]
	6	Mihir Bellare , Phillip Rogaway, Collision-Resistant Hashing: Towards Making UOWHFs Practical, Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, p.470-484, August 17-21, 1997
	7	BLEICHENBACHER, D. 1996. Efficiency and security of cryptosystems based on number theory. Ph.D. Dissertation. Swiss Federal Institute of Technology, Zurich, Switzerland.
	8	BRILLHART, J., LEHMER, D., AND SELFRIDGE, J. 1975. New primality criteria and factorizations of 2 m 61. Math. Comput. 29, 620-647.
	9	Ran Canetti , Oded Goldreich , Shai Halevi, The random oracle methodology, revisited (preliminary version), Proceedings of the thirtieth annual ACM symposium on Theory of computing, p.209-218, May 24-26, 1998, Dallas, Texas, United States [doi>10.1145/276698.276741]
	10	Ronald Cramer , Ivan Damgård, New Generation of Secure and Practical RSA-Based Signatures, Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, p.173-185, August 18-22, 1996
	11	DAMGAARD, I., LANDROCK, P., AND POMERANCE, C. 1993. Average case error estimates for the strong probable prime test. Math. Comput. 61, 204 (Oct.), 177-194.
	12	Cynthia Dwork , Moni Naor, An Efficient Existentially Unforgeable Signature Scheme and its Applications, Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology, p.234-246, August 21-25, 1994
	13	Amos Fiat , Adi Shamir, How to prove yourself: practical solutions to identification and signature problems, Proceedings on Advances in cryptology---CRYPTO '86, p.186-194, January 1987, Santa Barbara, California, United States
	14	Eiichiro Fujisaki , Tatsuaki Okamoto, Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations, Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, p.16-30, August 17-21, 1997
	15	GENNARO, R., HALEVI, S., AND RABIN, T. 1999. Secure hash-and-sign signatures without the random oracle. In Proceedings of the Conference on Advances in Cryptology (EUROCRYPT '99). Springer-Verlag, New York, NY, 123-139.
	16	Shafi Goldwasser , Silvio Micali , Ronald L. Rivest, A digital signature scheme secure against adaptive chosen-message attacks, SIAM Journal on Computing, v.17 n.2, p.281-308, April 1988 [doi>10.1137/0217017]
	17	L. C. Guillou , J.-J. Quisquater, A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory, Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88, p.123-128, April 1988, Davos, Switzerland
	18	HALBERSTAM, H. AND RICHERT, H. 1974. Sieve Methods. Academic Press, Inc., Duluth, MN.
	19	IMPAGLIAZZO, R. AND ZUCKERMANN, D. 1989. How to recycle random bits. In Proceedings of the 30th IEEE Symposium on Foundations of Computer Science (FOCS '89, Research Triangle Park, NC, Oct. 30-Nov. 1). IEEE Computer Society Press, Los Alamitos, CA, 248-253.
	20	Joe Kilian , Phillip Rogaway, How to Protect DES Against Exhaustive Key Search, Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, p.252-267, August 18-22, 1996
	21	KRAWCZYK, H. AND RABIN, T. 1998. Chameleon Hashing and Signatures.
	22	Chae Hoon Lim , Pil Joong Lee, More Flexible Exponentiation with Precomputation, Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology, p.95-107, August 21-25, 1994
	23	Michael George Luby , Luby Michael, Pseudorandomness and Cryptographic Applications, Princeton University Press, Princeton, NJ, 1994
	24	MAURER, U. 1995. Fast generation of prime numbers and secure public-key cryptographic parameters. J. Cryptology 8, 123-155.
	25	M. Naor , M. Yung, Universal one-way hash functions and their cryptographic applications, Proceedings of the twenty-first annual ACM symposium on Theory of computing, p.33-43, May 14-17, 1989, Seattle, Washington, United States [doi>10.1145/73007.73011]
	26	David Pointcheval , Jacques Stern, Provably Secure Blind Signature Schemes, Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology, p.252-265, November 03-07, 1996
	27	RABIN, M. O. 1980. Probabilistic algorithms for testing primality. J. Number Theory 12, 128-138.
	28	ROSSER, J. AND SCHOENFELD, L. 1962. Approximate formulas for some functions of prime numbers. Ill. J. Math. 6, 64-94.
	29	SCHWEINBERGER, T. AND SHOUP, V. 2000. ACE: The Advanced Cryptographic Engine. Cryptology ePrint Archive, Report 2000/022. http://eprint.iacr.org.
	30	SHA AND NIST. 1995. NIST FIPS PUB 180-1, Secure Hash Standard. National Institute of Standards and Technology, Gaithersburg, MD.
	31	SHOUP, V. 2000a. A composition theorem for universal one-way hash functions. In Proccedings of the Workshop on Advances in Cryptology (EUROCRYPT 2000). Springer-Verlag, New York, NY.
	32	SHOUP, V. 2000b. Using hash functions as a hedge against chosen ciphertext attack. In Proccedings of the Workshop on Advances in Cryptology (EUROCRYPT 2000). Springer-Verlag, New York, NY.

CITED BY 18

	Ernie Brickell , Jan Camenisch , Liqun Chen, Direct anonymous attestation, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA
	Nuttapong Attrapadung , Kazukuni Kobara, Broadcast encryption with short keys and transmissions, Proceedings of the 3rd ACM workshop on Digital rights management, October 27-27, 2003, Washington, DC, USA
	Christian Cachin, An asynchronous protocol for distributed computation of RSA inverses and its applications, Proceedings of the twenty-second annual symposium on Principles of distributed computing, p.153-162, July 13-16, 2003, Boston, Massachusetts
	Philip MacKenzie , Alina Oprea , Michael K. Reiter, Automatic generation of two-party computations, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA
	Chang N. Zhang , Chunren Lai, A systematic approach for encryption and authentication with fault tolerance, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.45 n.2, p.143-154, 5 June 2004
	Daniel R. Brown, Generic Groups, Collision Resistance, and ECDSA, Designs, Codes and Cryptography, v.35 n.1, p.119-152, April 2005
	Chik How Tan, A secure signature scheme, Proceeding of the 2006 international conference on Communications and mobile computing, July 03-06, 2006, Vancouver, British Columbia, Canada
	Kaoru Kurosawa , Swee-Huay Heng, The power of identification schemes, International Journal of Applied Cryptography, v.1 n.1, p.60-69, February 2008
	Victor K. Wei, Invisible designated confirmer signatures without random oracles, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore
	Jung Hee Cheon , Dong Hoon Lee, Use of Sparse and/or Complex Exponents in Batch Verification of Exponentiations, IEEE Transactions on Computers, v.55 n.12, p.1536-1542, December 2006
	Kamer Kaya , Ali Aydın Selçuk, Threshold cryptography based on Asmuth-Bloom secret sharing, Information Sciences: an International Journal, v.177 n.19, p.4148-4160, October, 2007
	Chik How Tan, A new signature scheme without random oracles, International Journal of Security and Networks, v.1 n.3/4, p.237-242, December 2006
	Aggelos Kiayias , Moti Yung, Secure scalable group signature with dynamic joins and separable authorities, International Journal of Security and Networks, v.1 n.1/2, p.24-45, September 2006
	Constantin Popescu, An Improvement of the Ateniese's Verifiable Encryption Protocol, Informatica, v.16 n.1, p.121-130, January 2005
	Craig Gentry , Chris Peikert , Vinod Vaikuntanathan, Trapdoors for hard lattices and new cryptographic constructions, Proceedings of the 40th annual ACM symposium on Theory of computing, May 17-20, 2008, Victoria, British Columbia, Canada
	Takahiro Matsuda , Nuttapong Attrapadung , Goichiro Hanaoka , Kanta Matsuura , Hideki Imai, A Strongly Unforgeable Signature under the CDH Assumption without Collision Resistant Hash Functions, IEICE - Transactions on Information and Systems, v.E91-D n.5, p.1466-1476, May 2008
	Mototsugu Nishioka , Naohisa Komatsu, A Note on the Random Oracle Methodology, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, v.E91-A n.2, p.650-663, February 2008
	Shunichi Hayashi , Mitsuru Tada, A Digital Signature Scheme Based on NP-Complete Lattice Problems, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, v.E91-A n.5, p.1253-1264, May 2008

INDEX TERMS

Primary Classification:
K. Computing Milieux
K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
K.6.5 Security and Protection (D.4.6, K.4.2)
Subjects: Authentication

General Terms:
Algorithms, Security, Theory

Keywords:
RSA, digital signatures, provable security

REVIEW

"Adrian Constantin Atanasiu : Reviewer"

A new digital signature scheme is described and analyzed. Its security (against chosen message attack) is based on the strong RSA assumption (defined in 1997 by Baric and Pfitzmann). This scheme is state-free (does not require that the signer more...

Collaborative Colleagues:

Ronald Cramer: colleagues

Victor Shoup: colleagues

Adobe Acrobat

QuickTime

Windows Media Player

Real Player