Security of Signature Schemes in a Multi-User Setting
This paper initiates the study of the security of signature schemes in the multi-user setting. We argue that the well-accepted notion of security for signature schemes, namely existential unforgeability against adaptive chosen-message attacks, is not adequate for the multi-user setting. We propose an extension of this security notion to the multi-user setting and show that signature schemes proven secure in the single-user setting can, under reasonable constraints, also be proven secure in the multi-user setting.
Designs, Codes and Cryptography
Volume 33, Issue 3, pp 261-274
- Kluwer Academic Publishers
- digital signatures
- provable security