On Tight Security Proofs for Schnorr Signatures

  • Nils Fleischhacker
  • Tibor Jager
  • Dominique Schröder
Conference paper

DOI: 10.1007/978-3-662-45611-8_27

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8873)
Cite this paper as:
Fleischhacker N., Jager T., Schröder D. (2014) On Tight Security Proofs for Schnorr Signatures. In: Sarkar P., Iwata T. (eds) Advances in Cryptology – ASIACRYPT 2014. ASIACRYPT 2014. Lecture Notes in Computer Science, vol 8873. Springer, Berlin, Heidelberg

Abstract

The Schnorr signature scheme is the most efficient signature scheme based on the discrete logarithm problem and a long line of research investigates the existence of a tight security reduction for this scheme in the random oracle. Almost all recent works present lower tightness bounds and most recently Seurin (Eurocrypt 2012) showed that under certain assumptions the non-tight security proof for Schnorr signatures in the random oracle by Pointcheval and Stern (Eurocrypt 1996) is essentially optimal. All previous works in this direction rule out tight reductions from the (one-more) discrete logarithm problem. In this paper we introduce a new meta-reduction technique, which shows lower bounds for the large and very natural class of generic reductions. A generic reduction is independent of a particular representation of group elements and most reductions in state-of-the-art security proofs have this desirable property. Our approach shows unconditionally that there is no tight generic reduction from any natural computational problem Π defined over algebraic groups (including even interactive problems) to breaking Schnorr signatures, unless solving Π is easy.

Keywords

Schnorr signatures black-box reductions generic reductions algebraic reductions tightness 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© International Association for Cryptologic Research 2014

Authors and Affiliations

  • Nils Fleischhacker
    • 1
  • Tibor Jager
    • 2
  • Dominique Schröder
    • 1
  1. 1.Saarland UniversityGermany
  2. 2.Horst Görtz Institute for IT SecurityRuhr-University BochumGermany

Personalised recommendations