Advertisement

Journal of Cryptology

, Volume 16, Issue 3, pp 185–215 | Cite as

The One-More-RSA-Inversion Problems and the Security of Chaum's Blind Signature Scheme

  •  Bellare
  •  Namprempre
  •  Pointcheval
  •  Semanko

Abstract.

We introduce a new class of computational problems which we call the ``one-more-RSA-inversion'' problems. Our main result is that two problems in this class, which we call the chosen-target and known-target inversion problems, respectively, have polynomially equivalent computational complexity. We show how this leads to a proof of security for Chaum's RSA-based blind signature scheme in the random oracle model based on the assumed hardness of either of these problems. We define and prove analogous results for ``one-more-discrete-logarithm'' problems. Since the appearence of the preliminary version of this paper, the new problems we have introduced have found other uses as well.

Key words. Blind digital signature schemes, Digital cash, RSA. 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© International Association for Cryptologic Research 2003

Authors and Affiliations

  •  Bellare
    • 1
  •  Namprempre
    • 1
  •  Pointcheval
    • 2
  •  Semanko
    • 3
  1. 1.Department of Computer Science and Engineering, University of California at San Diego, 9500 Gilman Drive, La Jolla, CA 92093, U.S.A. mihir@cs.ucsd.edu ,meaw@cs.ucsd.eduUS
  2. 2.Département d'Informatique-CNRS, École Normale Supérieure, 45 rue d'Ulm, 75230 Paris, Cedex 05, France David.Pointcheval@ens.frFR
  3. 3.Entropia, Inc., 10145 Pacific Heights Blvd., Suite 800, San Diego, CA 92121, U.S.A. msemanko@entropia.comUS

Personalised recommendations