Abstract
Fail-stop signatures (introduced in [WP89]) have the very nice property that the signer is secure against unlimited powerful forgers. However, the known fail-stop signatures require very long keys, and they are quite inefficient, because messages are signed bit-wise. This paper presents a fail-stop signature scheme, in which signing a message block requires two modular multiplications and verification requires less than two modular exponentiations. Furthermore a construction is shown of an undeniable signature scheme, which is unconditionally secure for the signer, and which allows the signer to convert undeniable signatures into fail-stop signatures. This is the first published undeniable signature having this property.
Research done while visiting CWI.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Joan Boyar, David Chaum, Ivan Damgård and Torben Pedersen, Convertible Undeniable Signatures, Advances in Cryptology-CRYPTO’90, LNCS 537, Springer Verlag, pp. 189–205.
David Chaum, Jan-Hendrik Evertse and Jeroen van de Graaf, An improved protocol for demonstrating possession of discrete logarithms and some generalizations, Advances in Cryptology-EUROCRYPT’ 87, LNCS 304, Springer-Verlag, pp. 127–141.
Gerrit Bleumer, Birgit Pfitzmann and Michael Waidner, A remark on a signature scheme where forgery can be proved, Advances in Cryptology-EUROCRYPT’ 90, LNCS 473, Springer Verlag, pp. 441–445.
David Chaum, Eugène van Heyst and Birgit Pfitzmann, Cryptographically strong undeniable signatures, unconditionally secure for the signer, Advances in Cryptology-CRYPTO’ 91.
Whitfield Diffie and Martin Hellman, New directions in cryptography, IEEE IT 22 (1976), pp. 644–654.
Uriel Feige, Amos Fiat and Adi Shamir, Zero-Knowledge Proofs of Identity, Journal of Cryptology 1 (1988), pp. 77–94.
Shafi Goldwasser, Silvio Micali and Ronald Rivest, A digital signature scheme secure against adaptive chosen-message attacks, SIAM J. Comp. 17 (1988), pp. 281–308.
L. Lamport, Constructing Digital Signatures from a One-Way Function, SRI Intl. CSL-98 (October 1979).
Ralph C. Merkle, Protocols for public key cryptosystems; Proceedings of the 1980 symposium on security and privacy, April 1980, Oakland, California, pp. 122–134.
Torben Pedersen, Non-interactive and information-theoretic secure variable secret sharing, Advances in Cryptology-CRYPTO’ 91.
Birgit Pfitzmann, personal communication.
Birgit Pfitzmann and Michael Waidner, Formal aspects of fail-stop signatures, Interner Bericht 22/90, Fakultät für Informatik, Universität Karlsruhe, December 1990.
Birgit Pfitzmann and Michael Waidner, Fail-stop signatures and their applications, SECURICOM’ 91, Paris, 1991, pp. 145–160.
Ronald Rivest, Adi Shamir, and Leonard Adleman, A Method for Obtaining Digital Signatures and Public Key Cryptosystems, Comm. of the ACM 21 (1978), pp. 120–126.
Michael Waidner and Birgit Pfitzmann, The Dining Cryptographers in the Disco: Unconditional Sender and Recipient Untraceability with Computationally Secure Serviceability, Advances in Cryptology-EUROCRYPT’ 89, LNCS 434, Springer Verlag, p. 690.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1993 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
van Heyst, E., Pedersen, T.P. (1993). How to Make Efficient Fail-stop Signatures. In: Rueppel, R.A. (eds) Advances in Cryptology — EUROCRYPT’ 92. EUROCRYPT 1992. Lecture Notes in Computer Science, vol 658. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47555-9_30
Download citation
DOI: https://doi.org/10.1007/3-540-47555-9_30
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-56413-3
Online ISBN: 978-3-540-47555-2
eBook Packages: Springer Book Archive