Provably Secure Distributed Schnorr Signatures and a (t, n) Threshold Scheme for Implicit Certificates

  • Douglas R. Stinson
  • Reto Strobl
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2119)


In a (t, n) threshold digital signature scheme, t out of n signers must co-operate to issue a signature. We present an efficient and robust (t, n) threshold version of Schnorr’s signature scheme. We prove it to be as secure as Schnorr’s signature scheme, i.e., existentially unforgeable under adaptively chosen message attacks. The signature scheme is then incorporated into a (t,n) threshold scheme for implicit certificates. We prove the implicit certificate scheme to be as secure as the distributed Schnorr signature scheme.


Signature Scheme Threshold Scheme Discrete Logarithm Problem Random Oracle Model Random Tape 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    M. Bellare and P. Rogaway. Random oracles are practical: a paradigm for designing efficient protocols. In First Annual ACM Conference on Computer and Communications Security, pages 62–73, 1993.Google Scholar
  2. [2]
    D. Brown. Implicitly certifying signatures securely. manuscript.Google Scholar
  3. [3]
    R. Gallant D. Brown and S. Vanstone. Provably secure implicit certificate schemes. In Financial Cryptography’ 01, to appear.Google Scholar
  4. [4]
    Y. G. Desmedt. Threshold cryptography. European Trans. on Telecommunications, 5(4):449–457, 1994.MathSciNetCrossRefGoogle Scholar
  5. [5]
    P. Feldman. A practical scheme for non-interactive verifiable secret sharing. In 28th FOCS, pages 427–437, 1987.Google Scholar
  6. [6]
    S. Goldwasser, S. Micali, and C. Rackoff. The knowledge complexity of interactive proof systems. SIAM J. on Computing, 18/1:186–308, 1989.CrossRefMathSciNetGoogle Scholar
  7. [7]
    R. Gennaro S. Jarecki H. Krawczyk and T. Rabin. Secure distributed key generation for discrete-log based cryptosystems. In Eurocrypt’ 99, pages 295–310, 1999.Google Scholar
  8. [8]
    S. K. Langford. Threshold DSS signatures without a trusted party. In Crypto’ 95, pages 397–409, 1995.Google Scholar
  9. [9]
    E. Okamoto, G. Davida, and M. Mambo. Some recent research aspects of threshold cryptography. In Workshop on Information Security Applications, 1997.Google Scholar
  10. [10]
    C. Park and K. Kurosawa. New elgamal type threshold digital signature scheme. IEICE Trans., E79-A:86–93, 1996.Google Scholar
  11. [11]
    T.P. Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In Crypto’ 91, pages 129–140, 1991.Google Scholar
  12. [12]
    T.P. Pedersen. A threshold cryptosystem without a trusted party. In Eurocrypt’ 91, pages 522–526, 1991.Google Scholar
  13. [13]
    L. Pintsov and S. Vanstone. Postal revenue collection in the digital age. In Financial Cryptography’ 00, 2000.Google Scholar
  14. [14]
    D. Pointcheval and J. Stern. Security proofs for signature schemes. In Eurocrypt’ 96, pages 387–399, 1996.Google Scholar
  15. [15]
    C.P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4:161–174, 1991.zbMATHCrossRefGoogle Scholar
  16. [16]
    A. Shamir. How to share a secret. Communications of the ACM, 22:612–613, 1979.zbMATHCrossRefMathSciNetGoogle Scholar
  17. [17]
    M. van Dijk. A linear construction of secret sharing schemes. Designs, Codes and Cryptography, 12:161–201, 1997.zbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Douglas R. Stinson
    • 1
    • 2
  • Reto Strobl
    • 3
  1. 1.Certicom CorporationMississauga ONCanada
  2. 2.Department of Combinatorics and OptimizationUniversity of WaterlooWaterloo OntarioCanada
  3. 3.Department of Computer ScienceSwiss Federal Institute of TechnologySwitzerland

Personalised recommendations