Abstract
This paper proves “tight security in the random-oracle model relative to factorization” for the lowest-cost signature systems available today: every hash-generic signature-forging attack can be converted, with negligible loss of efficiency and effectiveness, into an algorithm to factor the public key. The most surprising system is the “fixed unstructured B = 0 Rabin-Williams” system, which has a tight security proof despite hashing unrandomized messages.
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bernstein, D.J. (2008). Proving Tight Security for Rabin-Williams Signatures. In: Smart, N. (eds) Advances in Cryptology – EUROCRYPT 2008. EUROCRYPT 2008. Lecture Notes in Computer Science, vol 4965. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78967-3_5
DOI: https://doi.org/10.1007/978-3-540-78967-3_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-78966-6
Online ISBN: 978-3-540-78967-3
eBook Packages: Computer Science, Computer Science (R0)