Journal of Cryptology

, Volume 4, Issue 3, pp 161–174 | Cite as

Efficient signature generation by smart cards

  • C. P. Schnorr
Article

Abstract

We present a new public-key signature scheme and a corresponding authentication scheme that are based on discrete logarithms in a subgroup of units in ℤp where p is a sufficiently large prime, e.g., p ≥ 2512. A key idea is to use for the base of the discrete logarithm an integer α in ℤp such that the order of α is a sufficiently large prime q, e.g., q ≥ 2140. In this way we improve the ElGamal signature scheme in the speed of the procedures for the generation and the verification of signatures and also in the bit length of signatures. We present an efficient algorithm that preprocesses the exponentiation of a random residue modulo p.

Key words

Digital signatures Public-key signatures Public-key authentication ElGamal signatures Discrete logarithm one-way function Signatures with preprocessing Random exponentiated residues 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Beth, T.: Efficient Zero-Knowledge Identification Scheme for Smart Cards. Advances in Cryptology — Eurocrypt '88, Lecture Notes in Computer Science, Vol. 330 (1988), Springer-Verlag, Berlin, pp. 77–86.Google Scholar
  2. Brickell, E. F., and McCurley, K. S.: An Interactive Identification Scheme Based on Discrete Logarithms and Factoring. Advances in Cryptology—Eurocrypt '90, Lecture Notes in Computer Science, Vol. 473 (1991), Springer-Verlag, Berlin, pp. 63–71.Google Scholar
  3. Chaum, D., Evertse, J. H., and an de Graaf, J.: An Improved Protocol for Demonstrating Possession of Discrete Logarithms and Some Generalizations. Advances in Cryptology—Eurocrypt '87, Lecture Notes in Computer Science, Vol. 304 (1988), Springer-Verlag, Berlin, pp. 127–141.Google Scholar
  4. Coppersmith, D., Odlyzko, A., and Schroeppel, R.: Discrete Logarithms in GF(p). Algorithmica, 1 (1986), 1–15.Google Scholar
  5. ElGamal, T.: A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. IEEE Trans. Inform. Theory, 31 (1985), 469–472.Google Scholar
  6. Even, S., Goldreich, O., and Micali, S.: On-Line/Off-Line Digital Signatures. Advances in Cryptology—Crypto '89. Lecture Notes in Computer Science, vol. 435 (1990), Springer-Verlag, Berlin, pp. 263–277.Google Scholar
  7. Feige, U., Fiat, A. and Shamir, A.: Zero-Knowledge Proofs of Identity. Proceedings of STOC, 1987, pp. 210–217, and J. Cryptology, 1 (1988), 77–95.Google Scholar
  8. Fiat, A., and Shamir, A.: How To Prove Yourself: Practical Solutions of Identification and Signature Problems. Advances in Cryptology—Crypto '86, Lecture Notes in Computer Science, Vol. 263 (1987), Springer-Verlag, Berlin, pp. 186–194.Google Scholar
  9. Girault, M.: An Identity-Based Identification Scheme Based on Discrete Logarithms. Advances in Cryptology—Eurocrypt '90, Lecture Notes in Computer Science, Vol. 473 (1991), Springer-Verlag, Berlin, pp. 481–486.Google Scholar
  10. Girault, M.: Self-Certified Public Keys. Abstracts of Eurocrypt '91, Brighton, 8–11 April 1991, pp. 236–241.Google Scholar
  11. Goldwasser, S., Micali, S., and Rackoff, C: Knowledge Complexity of Interactive Proof Systems. Proceedings of STOC, 1985, pp. 291–304.Google Scholar
  12. Gordon, D.: Discrete Logarithms in GF(p) Using the Number Field Sieve. Technical Report, Sandia Laboratories (1990).Google Scholar
  13. Guillou, L. S., and Quisquater, J. J.: A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing both Transmission and Memory. Advances in Cryptology—Eurocrypt '88, Lecture Notes in Computer Sciences, Vol. 330 (1988), Springer-Verlag, Berlin, pp. 123–128.Google Scholar
  14. Günther, C. G.: An Identity-Based Key-Exchange Protocol. Advances in Cryptology—Eurocrypt '89, Lecture Notes in Computer Science, Vol. 434 (1990). Springer-Verlag, Berlin, pp. 29–37.Google Scholar
  15. Lenstra, A. K., Lenstra, H. W., Jr., Manasse, M. S., and Pollard, J. M.: The Number Field Sieve. Proceedings of STOC, 1990, pp. 564–572.Google Scholar
  16. Ong, H., and Schnorr, C. P.: Fast Signature Generation with a Fiat-Shamir-like Scheme. Advances in Cryptology—Eurocrypt '90, Lecture Notes in Computer Science, Vol. 473 (1991), Springer-Verlag, Berlin, pp. 432–440.Google Scholar
  17. Pollard, J. M.: Monte Carlo Method for Index Computation (mod p). Math. Comp., 32 (1978), 918–924.Google Scholar
  18. Pollard, J. M.: Some Algorithms in Number Theory. Technical Report, 15 pages, Feb. 1991.Google Scholar
  19. Rabin, M. O.: Digital Signatures and Public-Key Functions as Intractable as Factorization. Technical Report MIT/LCS/TR-212, Massachusetts Institute of Technology (1978).Google Scholar
  20. Rivest, R., Shamir, A., and Adleman, L.: A Method for Obtaining Digital Signatures and Public Key Cryptosystems. Comm. ACM, 21 (1978), 120–126.Google Scholar
  21. de Rooij, P. J. N.: On the Security of the Schnorr Scheme Using Preprocessing. Proceedings Eurocrypt '91.Google Scholar
  22. Schnorr, C. P.: Efficient Identification and Signatures for Smart Cards. Advances in Cryptology—Crypto '89. Lecture Notes in Computer Science, Vol. 435 (1990), Springer-Verlag, Berlin, pp. 239–252.Google Scholar

Copyright information

© Springer-Verlag New York Inc. 1991

Authors and Affiliations

  • C. P. Schnorr
    • 1
  1. 1.Universität FrankfurtFrankfurt a.M.Germany

Personalised recommendations