A Digital Signature Based on a Conventional Encryption Function

  • Ralph C. Merkle
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 293)


A new digital signature based only on a conventional encryption function (such as DES) is described which is as secure as the underlying encryption function -- the security does not depend on the difficulty of factoring and the high computational costs of modular arithmetic are avoided. The signature system can sign an unlimited number of messages, and the signature size increases logarithmically as a function of the number of messages signed. Signature size in a ‘typical’ system might range from a few hundred bytes to a few kilobytes, and generation of a signature might require a few hundred to a few thousand computations of the underlying conventional encryption function.


Signature Size Encryption Function Modular Arithmetic Count Field Infinite Tree 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    ‘New Directions in Cryptography’, IEEE Trans. on Information Theory, IT-22,6(Nov. 1976),644–654Google Scholar
  2. 2.
    ‘A method for obtaining digital signatures and public-key cryptosystems.’ CACM 21,2, Feb. 1978 120–126Google Scholar
  3. 3.
    ‘Secrecy, Authentication, and Public Key Systems’, Ralph C. Merkle, UMI Research Press 1982.Google Scholar
  4. 4.
    ‘How to Prove Yourself: Practical Solutions to Identification and Signature Problems’, Amos Fiat and Adi Shamir, 1986.Google Scholar
  5. 5.
    ‘Making the Digital Signature Legal — and Safeguarded’, S.M. Lipton, S.M. Matyas, Data Communications, Feb. 1978 41–52.Google Scholar
  6. 6.
    Private Communication, Robert Winternitz, 1980.Google Scholar
  7. 7.
    ‘Cryptography and Data Security’, by Dorothy E.R. Denning, Addison Wesley 1982.Google Scholar
  8. 8.
    ‘A “Paradoxical” solution to the Signature Problem’, by Shafi Goldwasser, Silvio Micali and Ronald L. Rivest, from the Symposium on the Foundations of Computer Science, 1984, page 441–448.Google Scholar
  9. 9.
    ‘A Digital Signature Scheme Secure Against Adaptive Chosen Message Attack’, by Shafi Goldwasser, Silvio Micali and Ronald L. Rivest, extended abstract, 1986.Google Scholar
  10. 10.
    ‘Cryptography: a New Dimension in Computer Data Security’, by Carl H. Meyer and Stephen M. Matyas, Wiley 1982.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1988

Authors and Affiliations

  • Ralph C. Merkle
    • 1
  1. 1.ElxsiSan Jose

Personalised recommendations