Abstract
We study the security of partial-domain hash signature schemes, in which the output size of the hash function is only a fraction of the modulus size. We show that for e = 2 (Rabin), partial-domain hash signature schemes are provably secure in the random oracle model, if the output size of the hash function is larger than 2/3 of the modulus size. This provides a security proof for a variant of the signature standards ISO 9796-2 and PKCS#1 v1.5, in which a larger digest size is used.
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Coron, JS. (2002). Security Proof for Partial-Domain Hash Signature Schemes. In: Yung, M. (eds) Advances in Cryptology — CRYPTO 2002. CRYPTO 2002. Lecture Notes in Computer Science, vol 2442. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45708-9_39
DOI: https://doi.org/10.1007/3-540-45708-9_39
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44050-5
Online ISBN: 978-3-540-45708-4
eBook Packages: Springer Book Archive