Abstract

This paper analyzes the security of a very efficient signature scheme proposed by C.H. Tan, X. Yi and C.K. Siew: the TYS signature scheme. We show that this scheme is universally forgeable; more specifically, we show that anyone is able to produce a valid TYS signature on a chosen message from an arbitrary valid message/signature pair. We also suggest modifications to the TYS signature scheme and relate the resulting scheme to the Camenisch-Lysyanskaya signature scheme.

Keywords

Cryptography; digital signature; standard model; TYS signature scheme; Camenisch-Lysyanskaya signature scheme

References

  1. Barić, N., Pfitzmann, B.: Collision-free accumulators and fail-stop signature schemes without trees. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 480–494. Springer, Heidelberg (1997)
  2. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM Press, New York (1993)
  3. Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)
  4. Camenisch, J.L., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)
  5. Cramer, R., Damgård, I.: New generation of secure and practical RSA-based signatures. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 173–185. Springer, Heidelberg (1996)
  6. Cramer, R., Shoup, V.: Signature schemes based on the strong RSA assumption. ACM Transactions on Information and System Security 3(3), 161–185 (2000)
  7. Dwork, C., Naor, M.: An efficient existentially unforgeable signature scheme and its applications. Journal of Cryptology 11(3), 187–208 (1998)
  8. Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)
  9. Fischlin, M.: The Cramer-Shoup strong RSA scheme revisited. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 116–129. Springer, Heidelberg (2002)
  10. Fujisaki, E., Okamoto, T.: Statistical zero knowledge protocols to prove modular polynomial relations. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 16–30. Springer, Heidelberg (1997)
  11. Gennaro, R., Halevi, S., Rabin, T.: Secure hash-and-sign signatures without the random oracle. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 123–139. Springer, Heidelberg (1999)
  12. Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen message attacks. SIAM Journal of Computing 17(2), 281–308 (1988)
  13. Poupard, G., Stern, J.: On the fly signatures based on factoring. In: 7th ACM Conference on Computer and Communications Security, pp. 37–45. ACM Press, New York (1999)
  14. Shamir, A., Tauman, Y.: Improved online/offline signature schemes. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 355–367. Springer, Heidelberg (2001)
  15. Stern, J., Pointcheval, D., Malone-Lee, J., Smart, N.P.: Flaws in applying proof methodologies to signature schemes. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 93–110. Springer, Heidelberg (2002)
  16. Tan, C.H., Yi, X., Siew, C.K.: A new provably secure signature scheme. IEICE Trans. Fundamentals E86-A(10), 2633–2635 (2003)
  17. Zhu, H.: New digital signature scheme attaining immunity against adaptive chosen message attack. Chinese Journal of Electronics 10(4), 484–486 (2001)
  18. Zhu, H.: A formal proof of Zhu’s signature scheme. Cryptology ePrint Archive, Report 2003/155 (2003)

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Marc Joye (1)
  • Hung-Mei Lin (2)

  1. Security Technologies Department, Gemplus, La Ciotat Cedex, France
  2. Traverse des Jardins, Saint Zacharie, France
