Twin signatures: an alternative to the hash-and-sign paradigm
Source
Conference on Computer and Communications Security
Proceedings of the 8th ACM conference on Computer and Communications Security
Philadelphia, PA, USA
Session: Password Management and Digital Signatures
Pages: 20 - 27
Year of Publication: 2001
ISBN: 1-58113-385-5
ABSTRACT
This paper introduces a simple alternative to the hash-and-sign paradigm, from the security point of view but for signing short messages, called twinning. A twin signature is obtained by signing twice a short message by a signature scheme. Analysis of the concept in different settings yields the following results:
- We prove that no generic algorithm can efficiently forge a twin DSA signature. Although generic algorithms offer a less stringent form of security than computational reductions in the standard model, such successful proofs still produce positive evidence in favor of the correctness of the new paradigm.
- We prove in the standard model an equivalence between the hardness of producing existential forgeries (even under adaptively chosen message attacks) of a twin version of a signature scheme proposed by Gennaro, Halevi and Rabin and the Flexible RSA Problem.
We consequently regard twinning as an interesting alternative to hash functions for eradicating existential forgery in signature schemes.