How to Repair ESIGN

  • Louis Granboulan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2576)


The ESIGN signature scheme was provided with an inadequate proof of security. We propose two techniques to repair the scheme, which we name ESIGN-D and ESIGN-R. Another improvement of ESIGN is encouraged, where the public key is hashed together with the message. This allows to have a security proof in the multi key setting. Additionally, the lower security of ESIGN compared to RSA-PSS leads to suggest that a common public key is used for ESIGN and RSA-PSS, leaving to the signer the choice between fast signature or better security.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    M. Bellare and P. Rogaway. The exact security of digital signatures: how to sign with RSA and Rabin. Proc. Eurocrypt’96, LNCS 1070, pages 399–416, May 1996. Revised version available at Scholar
  2. 2.
    J.-S. Coron. On the exact security of Full Domain Hash. Proc. Crypto’00, LNCS 1880, pages 229–235, Aug. 2000. Available at Scholar
  3. 3.
    Y. Dodis and L. Reyzin. On the Power of Claw-Free Permutations. Proc. SCN’02 (this book), 2002.Google Scholar
  4. 4.
    E. Fujisaki, T. Kobayashi, H. Morita, H. Oguro, T. Okamoto, S. Okazaki. ESIGN: Efficient Digital Signature (Submission to NESSIE) Available at
  5. 5.
    J. Stern, D. Pointcheval, J. Malone-Lee and N. P. Smart. Flaws in Applying Proof Methodologies to Signature Schemes. Proc. Crypto’02, LNCS 2442, Aug. 2002.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 203

Authors and Affiliations

  • Louis Granboulan
    • 1
  1. 1.École Normale SupérieureGermany

Personalised recommendations