Security Proofs for Signature Schemes

  • David Pointcheval
  • Jacques Stern
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1070)

Abstract

In this paper, we address the question of providing security proofs for signature schemes in the so-called random oracle model [1]. In particular, we establish the generality of this technique against adaptively chosen message attacks. Our main application achieves such a security proof for a slight variant of the El Gamal signature scheme [4] where committed values are hashed together with the message. This is a rather surprising result since the original El Gamal is, as RSA [11], subject to existential forgery.
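The variant described in the abstract can be written down concretely. The following is an added example, not code from the paper or its authors: a toy El Gamal signature where the challenge is e = H(r || m), so the commitment r is bound into the hash rather than hashing the message alone. The group parameters (p = 2^127 - 1, base g = 3) and all names are constructed for illustration only; they are far too small for real use.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy parameters (not from the paper): p = 2^127 - 1 is prime
# (a Mersenne prime) and g = 3 is a fixed base in Z_p^*.  Real deployments
# use standardised large groups; this only shows the structure of the scheme.
P = (1 << 127) - 1
G = 3
RBYTES = (P.bit_length() + 7) // 8


def challenge(r: int, message: bytes) -> int:
    """e = H(r || m): the commitment r is hashed together with the message.

    Including r in the hash input is what distinguishes the variant from
    plain El Gamal, which hashes (or signs) the message alone.
    """
    digest = hashlib.sha256(r.to_bytes(RBYTES, "big") + message).digest()
    return int.from_bytes(digest, "big")


def keygen() -> tuple:
    x = 2 + secrets.randbelow(P - 3)      # secret exponent x in [2, p-2]
    return x, pow(G, x, P)                # public key y = g^x mod p


def sign(x: int, message: bytes) -> tuple:
    n = P - 1
    while True:
        k = 2 + secrets.randbelow(n - 2)  # fresh nonce for every signature
        if gcd(k, n) != 1:                # k must be invertible mod (p-1)
            continue
        r = pow(G, k, P)                  # commitment r = g^k mod p
        e = challenge(r, message)         # challenge binds r and m together
        s = (pow(k, -1, n) * (e - x * r)) % n
        if s != 0:                        # retry on the degenerate case s = 0
            return r, s


def verify(y: int, message: bytes, sig: tuple) -> bool:
    r, s = sig
    # Range checks first: reject r outside (0, p) and s outside (0, p-1).
    if not (0 < r < P and 0 < s < P - 1):
        return False
    e = challenge(r, message)             # recompute e from the received r
    # Accept iff g^e == y^r * r^s (mod p): y^r r^s = g^(xr + ks) = g^e.
    return pow(G, e, P) == (pow(y, r, P) * pow(r, s, P)) % P
```

Because the verifier recomputes e from the received r, altering either the message or the commitment changes the challenge and the equation no longer balances.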

Keywords

Hash function, signature scheme, random oracle, discrete logarithm, discrete logarithm problem

References

  1. M. Bellare and P. Rogaway. Random Oracles are Practical: a paradigm for designing efficient protocols. In Proceedings of the 1st ACM Conference on Computer and Communications Security, pages 62–73, 1993.
  2. W. Diffie and M. E. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory, volume IT-22, no. 6, pages 644–654, November 1976.
  3. A. Fiat and A. Shamir. How to Prove Yourself: practical solutions of identification and signature problems. In A. M. Odlyzko, editor, Advances in Cryptology — Proceedings of CRYPTO '86, volume 263 of Lecture Notes in Computer Science, pages 186–194. Springer-Verlag, 1987.
  4. T. El Gamal. A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. IEEE Transactions on Information Theory, volume IT-31, no. 4, pages 469–472, July 1985.
  5. S. Goldwasser, S. Micali, and C. Rackoff. Knowledge Complexity of Interactive Proof Systems. In Proceedings of the 17th ACM Symposium on the Theory of Computing (STOC), pages 291–304. ACM, 1985.
  6. S. Goldwasser, S. Micali, and R. Rivest. A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks. SIAM Journal on Computing, 17(2):281–308, April 1988.
  7. L. C. Guillou and J.-J. Quisquater. A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory. In C. G. Günther, editor, Advances in Cryptology — Proceedings of EUROCRYPT '88, volume 330 of Lecture Notes in Computer Science, pages 123–128. Springer-Verlag, 1988.
  8. NIST. Secure Hash Standard (SHS). Federal Information Processing Standards Publication 180-1, April 1995.
  9. D. Pointcheval. A New Identification Scheme Based on the Perceptrons Problem. In L. C. Guillou and J.-J. Quisquater, editors, Advances in Cryptology — Proceedings of EUROCRYPT '95, volume 921 of Lecture Notes in Computer Science, pages 319–328. Springer-Verlag, 1995.
  10. R. Rivest. The MD5 Message-Digest Algorithm. RFC 1321, April 1992.
  11. R. Rivest, A. Shamir, and L. Adleman. A Method for Obtaining Digital Signatures and Public Key Cryptosystems. Communications of the ACM, 21(2):120–126, February 1978.
  12. C. P. Schnorr. Efficient Identification and Signatures for Smart Cards. In G. Brassard, editor, Advances in Cryptology — Proceedings of CRYPTO '89, volume 435 of Lecture Notes in Computer Science, pages 235–251. Springer-Verlag, 1990.
  13. A. Shamir. An Efficient Identification Scheme Based on Permuted Kernels. In G. Brassard, editor, Advances in Cryptology — Proceedings of CRYPTO '89, volume 435 of Lecture Notes in Computer Science, pages 606–609. Springer-Verlag, 1990.
  14. J. Stern. A New Identification Scheme Based on Syndrome Decoding. In D. R. Stinson, editor, Advances in Cryptology — Proceedings of CRYPTO '93, volume 773 of Lecture Notes in Computer Science, pages 13–21. Springer-Verlag, 1994.
  15. J. Stern. Designing Identification Schemes with Keys of Short Size. In Y. G. Desmedt, editor, Advances in Cryptology — Proceedings of CRYPTO '94, volume 839 of Lecture Notes in Computer Science, pages 164–173. Springer-Verlag, 1994.

Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • David Pointcheval (1)
  • Jacques Stern (1)
  1. Laboratoire d'informatique, École Normale Supérieure, Paris Cedex 05