Chameleon Hashes Without Key Exposure Based on Factoring
- 57 Downloads
Chameleon hash is the main primitive to construct a chameleon signature scheme which provides non-repudiation and non-transferability simultaneously. However, the initial chameleon hash schemes suffer from the key exposure problem: non-transferability is based on an unsound assumption that the designated receiver is willing to abuse his private key regardless of its exposure. Recently, several key-exposure-free chameleon hashes have been constructed based on RSA assumption and SDH (strong Diffie-Hellman) assumption. In this paper, we propose a factoring-based chameleon hash scheme which is proven to enjoy all advantages of the previous schemes. In order to support it, we propose a variant Rabin signature scheme which is proven secure against a new type of attack in the random oracle model.
Keywordschameleon signature chameleon hash key-exposure
Unable to display preview. Download preview PDF.
- Krawczyk H, Rabin T. Chameleon signatures. In Proc. Symposium on Network and Distributed System Security Symposium (NDSS 2000), San Diego, CA, February, 2000, pp. 143–154.Google Scholar
- Ateniese G, de Medeiros B. Identity-based chameleon hash and applications. In Proc. Financial Cryptography (FC’04), Key West, Florida, USA, February 9–12, 2004, Springer-Verlag, LNCS 3110, pp. 164–180.Google Scholar
- Chen X, Zhang F, Kim K. Chameleon hashing without key exposure. In Proc. the 7th Information Security Conference (ISC’04), Palo Alto, USA, September 27–29, 2004, Springer-Verlag, LNCS 3225, pp. 87–98.Google Scholar
- Ateniese G, de Medeiros B. On the key exposure problem in chameleon hashes. In Proc. the 4th Conference on Security in Communication Networks (SCN’04), Amalfi, Italy, September 8–10, 2004, Springer-Verlag, LNCS 3352, pp. 165–179.Google Scholar
- MacKenzie P, Yang K. On simulation-sound trapdoor commitments. In Proc. EUROCRYPT’04, Interlaken, Switzerland, May 2–6, 2004, Springer-Verlag, LNCS 3027, pp. 382–400.Google Scholar
- Gennaro R. Multi-trapdoor commitments and their applications to proofs of knowledge secure under concurrent man-in-the-middle attacks. In CRYPTO’04, Santa Barbara, California, USA, August 15–19, 2004, Springer-Verlag, LNCS 3152, pp. 220–236.Google Scholar
- Rabin M. Digital signatures. Foundations of Secure Computation. Dobkin D, Jones A, Lipton R (eds.), New York: Academic Press, 1978, pp. 155–168.Google Scholar
- Bellare M, Rogaway P. Random oracles are practical: A paradigm for designing efficient protocols. In Proc. the 1st ACM Conf. Computer and Communications Security, Fairfax, VA, November 3–5, 1993, pp. 62–73.Google Scholar
- Bellare M, Namprempre C, Neven G. Security proofs for identity-based identification and signature schemes. In Proc. Eurocrypt’2004, Interlaken, Switzerland, May 2–6, 2004, Springer-Verlag, LNCS 3027, pp. 268–286.Google Scholar
- Bellare M, Rogaway P. The exact security of digital signatures: How to sign with RSA and Rabin. In Proc. Eurocrypt 96, Zaragoza, Spain, May 12–16, 1996, Springer-Verlag, LNCS 1070, pp. 399–416.Google Scholar
- Fischlin M, Fischlin R. The representation problem based on factoring. In Proc. the Cryptographer’s Track at the RSA Conference on Topics in Cryptology 2002 (Topics in Cryptology—CT-RSA 2002), San Jose, CA, USA, February 18–22, 2002, Springer-Verlag, LNCS 2271, pp. 96–113.Google Scholar