Faster Batch Forgery Identification

  • Daniel J. Bernstein
  • Jeroen Doumen
  • Tanja Lange
  • Jan-Jaap Oosterwijk
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7668)

Abstract

Batch signature verification detects whether a batch of signatures contains any forgeries. Batch forgery identification pinpoints the location of each forgery. Existing forgery-identification schemes vary in their strategies for selecting subbatches to verify (individual checks, binary search, combinatorial designs, etc.) and in their strategies for verifying subbatches. This paper exploits synergies between these two levels of strategies, reducing the cost of batch forgery identification for elliptic-curve signatures.
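The two subbatch-selection strategies the abstract names, individual checks and binary search, as an added illustration that is not code from the paper. The batch verifier is simulated (a hypothetical `make_batch_verifier` that accepts a subbatch iff it contains no forgery), so only the selection level and its verification count are shown, not the elliptic-curve arithmetic.

```python
"""Batch forgery identification by individual checks vs. binary search.

Added example: the verifier is simulated, so a subbatch passes iff it holds no
forgery. A real batch verifier would check a random linear combination of the
subbatch's verification equations; only its pass/fail outcome matters here.
"""
from typing import Callable, Iterable, List, Set, Tuple

# Constructed sample: signature i in a batch of 16 is valid unless i is forged.
BATCH_SIZE = 16
FORGED = {3, 11}

def make_batch_verifier(forged: Set[int]) -> Callable[[List[int]], bool]:
    """Hypothetical batch verifier: accepts a subbatch iff it has no forgery."""
    def verify(subbatch: List[int]) -> bool:
        return not any(i in forged for i in subbatch)
    return verify

def identify_individually(indices: Iterable[int], verify) -> Tuple[List[int], int]:
    """Baseline: verify each signature alone. Always n subbatch verifications."""
    calls, bad = 0, []
    for i in indices:
        calls += 1
        if not verify([i]):
            bad.append(i)
    return bad, calls

def identify_binary_search(indices: Iterable[int], verify) -> Tuple[List[int], int]:
    """Verify the whole batch; on failure split in half and recurse.
    The number of verifications grows with the number of forgeries, not n."""
    calls, bad = 0, []
    def rec(sub: List[int]) -> None:
        nonlocal calls
        calls += 1
        if verify(sub):
            return                      # no forgery anywhere in this subbatch
        if len(sub) == 1:
            bad.append(sub[0])          # isolated a forgery
            return
        mid = len(sub) // 2
        rec(sub[:mid])
        rec(sub[mid:])
    rec(list(indices))
    return bad, calls

if __name__ == "__main__":
    v = make_batch_verifier(FORGED)
    print("individual:", identify_individually(range(BATCH_SIZE), v))
    print("binary search:", identify_binary_search(range(BATCH_SIZE), v))
```

With one forgery in 16 the binary search needs 9 subbatch verifications against 16 individual checks; with two forgeries it needs 15, which is why the paper's savings come from making each subbatch verification cheaper as well as choosing subbatches well.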

Keywords

Signatures; batch verification; elliptic curves; scalar multiplication

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Daniel J. Bernstein (1, 3)
  • Jeroen Doumen (2)
  • Tanja Lange (3)
  • Jan-Jaap Oosterwijk (3)

  1. Department of Computer Science, University of Illinois at Chicago, Chicago, USA
  2. CTO Research Group, Irdeto, Hoofddorp, The Netherlands
  3. Department of Mathematics and Computer Science, Technische Universiteit Eindhoven, Eindhoven, The Netherlands