A Digital Signature Based on a Conventional Encryption Function

  • Ralph C. Merkle
Conference paper

DOI: 10.1007/3-540-48184-2_32

Part of the Lecture Notes in Computer Science book series (LNCS, volume 293)
Cite this paper as:
Merkle R.C. (1988) A Digital Signature Based on a Conventional Encryption Function. In: Pomerance C. (eds) Advances in Cryptology — CRYPTO ’87. CRYPTO 1987. Lecture Notes in Computer Science, vol 293. Springer, Berlin, Heidelberg


A new digital signature based only on a conventional encryption function (such as DES) is described which is as secure as the underlying encryption function -- the security does not depend on the difficulty of factoring and the high computational costs of modular arithmetic are avoided. The signature system can sign an unlimited number of messages, and the signature size increases logarithmically as a function of the number of messages signed. Signature size in a ‘typical’ system might range from a few hundred bytes to a few kilobytes, and generation of a signature might require a few hundred to a few thousand computations of the underlying conventional encryption function.

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 1988

Authors and Affiliations

  • Ralph C. Merkle
    • 1
  1. 1.ElxsiSan Jose

Personalised recommendations