Encyclopedia of Cryptography and Security

2005 Edition
| Editors: Henk C. A. van Tilborg

Secure signatures from the “strong RSA” assumption

  • Dan Boneh
Reference work entry
DOI: https://doi.org/10.1007/0-387-23483-7_374

In the late 1990's it was realized that by making a somewhat stronger intractability assumption than RSA (see RSA problem), it is possible to devise digital signature schemes that are fairly efficient, and at the same time have a rigorous proof of security (without resorting to the random-oracle heuristic). The intractability assumption states that given a modulus n (see modular arithmetic) of unknown factorization and an element x in the ring\(Z_{n}^{\ast}\)

This is a preview of subscription content, log in to check access.


  1. [1]
    Barić, N. and B. Pfitzmann (1997). “Collision-free accumulators and fail-stop signature schemes without trees.” Advances in Cryptology—EUROCRYPT'97, Lecture Notes in Computer Science, vol. 1233, ed. W. Fumy. Springer-Verlag, Berlin, 480–494.Google Scholar
  2. [2]
    Coron, J.S. and D. Naccache (2000). “Security analysis of the Gennaro–Halevi–Rabin signature scheme.” Advances in Cryptology—EUROCRYPT 2000, Lecture Notes in Computer Science, vol. 1807, ed. B. Preneel. Springer-Verlag, Berlin, 91–101.Google Scholar
  3. [3]
    Cramer, R. and I.B. Damgård (1996). “New generations of secure and practical RSA-based signatures.” Advances in Cryptology—CRYPTO'96, Lecture Notes in Computer Science, vol. 1109, ed. N. Koblitz. Springer-Verlag, Berlin, 173–186.Google Scholar
  4. [4]
    Cramer, R. and V. Shoup (2000). “Signature schemes based on the strong RSA assumption.” ACM Transactions on Information System Security (ACM-TISSEC), 3 (3), 161–185.Google Scholar
  5. [5]
    Damgård, I.B. and M. Koprowski (2002). “Generic lower bounds for root extraction and signature schemes in general groups.” Advances in Cryptology—EUROCRYPT 2002, Lecture Notes in Computer Science, vol. 2332, ed. L. Knudsen. Springer-Verlag, Berlin, 256–271.Google Scholar
  6. [6]
    Fischlin, M. (2003). “The Cramer–Shoup strong-RSA signature scheme revisited.” Public Key Cryptography—PKC 2003, Lecture Notes in Computer Science, vol. 2567, ed. Y.G. Desmedt. Springer-Verlag, Berlin, 116–129.Google Scholar
  7. [7]
    Gennaro, R., S. Halevi, and T. Rabin (1999). “Secure hash-and-sign signatures without the random oracle.” Advances in Cryptology—EUROCRYPT'99, Lecture Notes in Computer Science, vol. 1592, ed. J. Stem. Springer-Verlag, Berlin, 123–139.Google Scholar

Copyright information

© International Federation for Information Processing 2005

Authors and Affiliations

  • Dan Boneh

There are no affiliations available