Efficient Generic On-Line/Off-Line Signatures Without Key Exposure

  • Xiaofeng Chen
  • Fangguo Zhang
  • Willy Susilo
  • Yi Mu
Conference paper

DOI: 10.1007/978-3-540-72738-5_2

Part of the Lecture Notes in Computer Science book series (LNCS, volume 4521)
Cite this paper as:
Chen X., Zhang F., Susilo W., Mu Y. (2007) Efficient Generic On-Line/Off-Line Signatures Without Key Exposure. In: Katz J., Yung M. (eds) Applied Cryptography and Network Security. Lecture Notes in Computer Science, vol 4521. Springer, Berlin, Heidelberg

Abstract

The “hash-sign-switch” paradigm was first proposed by Shamir and Tauman with the aim of designing an efficient on-line/off-line signature scheme. However, all existing on-line/off-line signature schemes based on Shamir-Tauman’s paradigm suffer from the key exposure problem of chameleon hashing. That is, if the signer uses the same hash value more than once to obtain two signatures on two different messages, the recipient obtains a hash collision and can use it to recover the signer’s trapdoor information. Therefore, the signer must pre-compute and store many different chameleon hash values, together with the corresponding signatures on those hash values, in the off-line phase, and send the collision and the signature for a particular hash value in the on-line phase. Hence, the computation and storage cost of the off-line phase and the communication cost of the on-line phase in Shamir-Tauman’s signature scheme remain somewhat high.

In this paper, we first introduce a special double-trapdoor hash family based on the discrete logarithm assumption to solve this problem. We then apply the “hash-sign-switch” paradigm to propose a much more efficient generic on-line/off-line signature scheme. Additionally, we use a one-time trapdoor/hash key pair for each message signing, which prevents the recipient from recovering the trapdoor information of the signer and computing other collisions.
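As an added illustration (not code from the paper), the following toy discrete-logarithm chameleon hash of the Krawczyk-Rabin form CH(m, r) = g^m · y^r mod p shows the key exposure problem the abstract describes: one hash value opened for two different messages hands the recipient the trapdoor x. The group parameters, message values and the omission of the outer signature are constructed for illustration only.

```python
# Toy discrete-log chameleon hash on a small constructed group, used only to
# show why reusing one hash value for two messages exposes the trapdoor.
# Real schemes use large primes; these parameters are for illustration.
import secrets

P = 2039  # prime, P = 2*Q + 1 (constructed)
Q = 1019  # prime order of the subgroup generated by G
G = 4     # generator of the order-Q subgroup of Z_P^*

def keygen():
    """Trapdoor x (kept by the signer) and public hash key y = g^x mod p."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def chameleon_hash(y, m, r):
    """CH(m, r) = g^m * y^r mod p; anyone holding y can evaluate it."""
    return (pow(G, m % Q, P) * pow(y, r % Q, P)) % P

def find_collision(x, m1, r1, m2):
    """The on-line 'switch': with the trapdoor, find r2 so that
    CH(m2, r2) == CH(m1, r1). The exponent is m + x*r mod q, so solve
    m2 + x*r2 = m1 + x*r1 for r2."""
    return (r1 + (m1 - m2) * pow(x, -1, Q)) % Q

def recover_trapdoor(m1, r1, m2, r2):
    """What a recipient can do with two openings of the same hash value:
    m1 + x*r1 = m2 + x*r2 (mod q)  =>  x = (m1 - m2) / (r2 - r1) (mod q)."""
    return ((m1 - m2) * pow((r2 - r1) % Q, -1, Q)) % Q

def demo():
    """Returns True if reusing one off-line hash value leaks the trapdoor."""
    x, y = keygen()
    # Off-line phase: hash a random message and sign h (signature omitted here).
    m_off, r_off = secrets.randbelow(Q), secrets.randbelow(Q)
    h = chameleon_hash(y, m_off, r_off)
    # On-line phase, wrongly reusing the same h for two different messages.
    m1, m2 = 11, 22
    r1 = find_collision(x, m_off, r_off, m1)
    r2 = find_collision(x, m_off, r_off, m2)
    assert chameleon_hash(y, m1, r1) == h == chameleon_hash(y, m2, r2)
    return recover_trapdoor(m1, r1, m2, r2) == x
```

The leak is exactly why a one-time trapdoor/hash key pair per message, as the paper proposes, matters: the two openings a recipient sees never share a trapdoor.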

Keywords

On-line/off-line signatures; Chameleon hashing; Key exposure

Copyright information

© Springer Berlin Heidelberg 2007

Authors and Affiliations

  • Xiaofeng Chen (1, 3)
  • Fangguo Zhang (2, 3)
  • Willy Susilo (4)
  • Yi Mu (4)
  1. Department of Computer Science, Sun Yat-sen University, Guangzhou 510275, P.R. China
  2. Department of Electronics and Communication Engineering, Sun Yat-sen University, Guangzhou 510275, P.R. China
  3. Guangdong Key Laboratory of Information Security Technology, Guangzhou 510275, P.R. China
  4. Centre for Computer and Information Security Research, School of Computer Science and Software Engineering, University of Wollongong, Australia
