Unconditionally Secure Digital Signature Schemes Admitting Transferability

  • Goichiro Hanaoka
  • Junji Shikata
  • Yuliang Zheng
  • Hideki Imai
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1976)


A potentially serious problem with current digital signature schemes is that their underlying hard problems from number theory may be solved by an innovative technique or a new generation of computing devices such as quantum computers. Therefore while these signature schemes represent an efficient solution to the short term integrity (unforgeability and non-repudiation) of digital data, they provide no confidence on the long term (say of 20 years) integrity of data signed by these schemes. In this work, we focus on signature schemes whose security does not rely on any unproven assumption. More specifically, we establish a model for unconditionally secure digital signatures in a group, and demonstrate practical schemes in that model. An added advantage of the schemes is that they allow unlimited transfer of signatures without compromising the security of the schemes. Our scheme represents the first unconditionally secure signature that admits provably secure transfer of signatures.


  1. 1.
    D. Boneh and R. J. Lipton, “Quantum cryptanalysis of hidden linear functions,” Proc. of CRYPTO’95, LNCS 963, Springer-Verlag, pp.424–437, 1995.Google Scholar
  2. 2.
    E. F. Brickell and D. R. Stinson, “Authentication codes with multiple arbiters,” Proc. of Eurocrypt’88, LNCS 330, Springer-Verlag, pp.51–55, 1988.Google Scholar
  3. 3.
    S. Cavallar, B. Dodson, A. K. Lenstra, et al., “Factorization of a 512-bit RSA modulus,” Proc. of Eurocrypt’00, LNCS 1807, Springer-Verlag, pp.1–18, 2000.Google Scholar
  4. 4.
    D. Chaum and S. Roijakkers, “Unconditionally secure digital signatures,” Proc. of CRYPTO’90, LNCS 537, Springer-Verlag, pp.206–215, 1990.Google Scholar
  5. 5.
    D. Chaum, E. Heijst and B. Pitzmann, “Cryptographically strong undeniable signatures, unconditionally secure for the signer,” Proc. of CRYPTO’91, LNCS 576, Springer-Verlag, pp.470–484, 1991.Google Scholar
  6. 6.
    H. Dobbertin, A. Bosselaers and B. Preneel, “RIPEMD160: strengthened version of RIPEMD,” Proc. of FSE’96, LNCS 1039, Springer-Verlag, pp.71–82, 1996.Google Scholar
  7. 7.
    Y. Desmedt and M. Yung, “Arbitrated unconditionally secure authentication can be unconditionally protected against arbiter’s attack,” Proc. of CRYPTO’90, LNCS 537, Springer-Verlag, pp.177–188, 1990.Google Scholar
  8. 8.
    Y. Desmedt, Y. Frankel and M. Yung, “Multi-receiver/Multi-sender network security: efficient authenticated multicast/feedback,” Proc. of IEEE Infocom’92, pp.2045–2054, 1992.Google Scholar
  9. 10.
    T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms,” IEEE Trans. on Inform. Theory, IT-31, 4, pp.469–472, 1985.CrossRefMathSciNetGoogle Scholar
  10. 11.
    A. Fiat and A. Shamir, “How to prove yourself: practical solutions to identification and signature problems,” Proc. of CRYPTO’86, LNCS 263, Springer-Verlag, pp.186–194, 1986.Google Scholar
  11. 12.
    E. N. Gilbert, F. J. MacWilliams and N. J. A. Sloane, “Codes which detect deception,” Bell System Technical Journal, 53, pp.405–425, 1974.MathSciNetGoogle Scholar
  12. 13.
    T. Johansson, “Lower bounds on the probability of deception in authentication with arbitration”, IEEE Trans. Inform. Theory, IT-40, 5, pp.1573–1585, 1994.CrossRefMathSciNetGoogle Scholar
  13. 14.
    T. Johansson, “Further results on asymmetric authentication schemes,” Information and Computation, 151, pp.100–133, 1999.zbMATHCrossRefMathSciNetGoogle Scholar
  14. 15.
    K. Kurosawa, “New bound on authentication code with arbitration,” Proc. of CRYPTO’94, LNCS 839, Springer-Verlag, pp.140–149, 1994.Google Scholar
  15. 16.
    K. Kurosawa and S. Obana, “Combinatorial bounds for authentication codes with arbitration,” Proc. of Eurocrypt’95, LNCS 921, Springer-Verlag, pp.289–300, 1995.Google Scholar
  16. 17.
    NIST, “Secure hash standard,” FIPS PUB 180-1, Department of Commerce, Washington D.C., 1995.Google Scholar
  17. 18.
    S. Obana and K. Kurosawa, “A2-code = affine resolvable + BIBD,” Proc. of ICICS’97, LNCS 1334, Springer-Verlag, pp.118–129, 1997.Google Scholar
  18. 19.
    T. Okamoto, “A fast signature scheme based on congruential polynomial operations,” IEEE Trans. on Inform. Theory, IT-36, 1, pp.47–53, 1990.CrossRefMathSciNetGoogle Scholar
  19. 20.
    R. Rivest, A. Shamir and L. Adleman, “A method for obtaining digital signature and public-key cryptosystems,” Communication of the ACM, vol.21, no.2, pp.120–126, 1978.zbMATHCrossRefMathSciNetGoogle Scholar
  20. 21.
    R. Safavi-Naini and H. Wang, “New results on multi-receiver authentication codes,” Proc. of Eurocrypt’98, LNCS1403, pp.527–541, 1998.Google Scholar
  21. 22.
    R. Safavi-Naini and H. Wang, “Broadcast authentication in group communication,” Proc. of Asiacrypt’99, LNCS1716, Springer-Verlag, pp.399–411, 1999.Google Scholar
  22. 23.
    R. Safavi-Naini and H. Wang, “Multireceiver authentication codes: models, bounds, constructions and extensions,” Information and Computation, 151, pp.148–172, 1999.zbMATHCrossRefMathSciNetGoogle Scholar
  23. 24.
    C. Schnorr, “Efficient signature generation by smart cards”, Journal of Cryptology, 4, pp.161–174, 1991.zbMATHCrossRefGoogle Scholar
  24. 25.
    P. W. Shor, “Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer,” SIAMJ. Comp., 26, no.5, pp.1484–1509, 1997.zbMATHCrossRefMathSciNetGoogle Scholar
  25. 26.
    G. J. Simmons, “Authentication theory/coding theory,” Proc. of CRYPTO’84, LNCS196, Springer-Verlag, pp.411–431, 1984.Google Scholar
  26. 27.
    G. J. Simmons, “Message authentication with arbitration of transmitter/ receiver disputes,” Proc. of Eurocyrpt’87, Springer-Verlag, pp.151–165, 1987.Google Scholar
  27. 28.
    G. J. Simmons, “A Cartesian construction for unconditionally secure authentication codes that permit arbitration,” Journal of Cryptology, 2, pp.77–104, 1990.zbMATHCrossRefMathSciNetGoogle Scholar
  28. 29.
    R. Taylor, “Near optimal unconditionally secure authentication,” Proc. of Eurocyrpt’ 94, LNCS 950, Springer-Verlag, pp.244–253, 1994.Google Scholar
  29. 30.
    Y. Wang and R. Safavi-Naini, “A3-codes under collusion attacks,” Proc. of Asiacrypt’ 99, LNCS 1716, Springer-Verlag, pp.390–398, 1999.Google Scholar
  30. 31.
    Y. Zheng, J. Pieprzyk and J. Seberry, “HAVAL-A one-way hashing algorithm with variable length of output,” Proc. of Auscrypt’92, LNCS 718, Springer-Verlag, pp.83–104, 1993.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Goichiro Hanaoka
    • 1
  • Junji Shikata
    • 1
  • Yuliang Zheng
    • 2
  • Hideki Imai
    • 1
  1. 1.The Third DepartmentInstitute of Industrial Science, the University of TokyoTokyoJapan
  2. 2.School of Network Computing Monash UniversityMelbourneAustralia

Personalised recommendations