Security of Signature Schemes in a Multi-User Setting
This paper initiates the study of the security of signature schemes in the multi-user setting. We argue that the well-accepted notion of security for signature schemes, namely existential unforgeability against adaptive chosen-message attacks, is not adequate for the multi-user setting. We propose an extension of this security notion to the multi-user setting and show that signature schemes proven secure in the single-user setting can, under reasonable constraints, also be proven secure in the multi-user setting.
Designs, Codes and Cryptography
Volume 33, Issue 3, pp 261-274
- Kluwer Academic Publishers
- digital signatures
- provable security