Article

Tight proofs for signature schemes without random oracles

Author:

Sven SchägeAuthors Info & Claims

EUROCRYPT'11: Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology

Pages 189 - 206

Published: 15 May 2011 Publication History

Abstract

We present the first tight security proofs for two general classes of Strong RSA based signature schemes. Among the affected signature schemes are the Cramer-Shoup, Camenisch-Lysyanskaya, Zhu, and Fischlin signature scheme. We also present two bilinear variants of our signature classes that produce short signatures. Similar to before, we show that these variants have tight security proofs under the the Strong Diffie-Hellman (SDH) assumption. We so obtain very efficient SDH-based variants of the Cramer-Shoup, Fischlin, and Zhu signature scheme and the first tight security proof of the recent Camenisch-Lysyanskaya scheme that was proposed and proven secure under the SDH assumption. Central to our results is a new proof technique that allows the simulator to avoid guessing which of the attacker's signature queries are re-used in the forgery. In contrast to previous proofs, our security reduction does not lose a factor of q here.

References

[1]

Au, M.H., Susilo, W., Mu, Y.: Constant-size dynamic k-TAA. In: Prisco, R.D., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 111-125. Springer, Heidelberg (2006).

Digital Library

[2]

Bernstein, D.J.: Proving tight security for rabin-williams signatures. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 70-87. Springer, Heidelberg (2008).

Digital Library

[3]

Boneh, D., Boyen, X.: Short signatures without random oracles and the SDH assumption in bilinear groups. J. Cryptology 21(2), 149-177 (2008).

Digital Library

[4]

Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268-289. Springer, Heidelberg (2003).

Digital Library

[5]

Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M.K. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56-72. Springer, Heidelberg (2004).

[6]

Chevallier-Mames, B., Joye, M.: A practical and tightly secure signature scheme without hash function. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 339-356. Springer, Heidelberg (2006).

Digital Library

[7]

Coron, J.S., Naccache, D.: Security analysis of the gennaro-halevi-rabin signature scheme. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 91-101. Springer, Heidelberg (2000).

Digital Library

[8]

Cramer, R., Shoup, V.: Signature schemes based on the Strong RSA assumption. ACM Trans. Inf. Syst. Secur. 3(3), 161-185 (2000).

Digital Library

[9]

Fischlin, M.: The cramer-shoup strong-RSA Signature scheme revisited. In: Desmedt, Y. (ed.) PKC 2003. LNCS, vol. 2567, pp. 116-129. Springer, Heidelberg (2002).

Digital Library

[10]

Gennaro, R., Halevi, S., Rabin, T.: Secure hash-and-sign signatures without the random oracle. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 123-139. Springer, Heidelberg (1999).

Digital Library

[11]

Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. 17(2), 281-308 (1988).

Digital Library

[12]

Hofheinz, D., Kiltz, E.: Programmable hash functions and their applications. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 21-38. Springer, Heidelberg (2008).

Digital Library

[13]

Krawczyk, H., Rabin, T.: Chameleon signatures. In: NDSS. The Internet Society, San Diego (2000).

[14]

Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym systems. In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, pp. 184-199. Springer, Heidelberg (2000).

Digital Library

[15]

Okamoto, T.: Efficient blind and partially blind signatures without random oracles. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 80-99. Springer, Heidelberg (2006).

Digital Library

[16]

Rosser, B.: Explicit bounds for some functions of prime numbers. American Journal of Mathematics 63(1), 211-232 (1941).

[17]

Shamir, A., Tauman, Y.: Improved online/offline signature schemes. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 355-367. Springer, Heidelberg (2001).

Digital Library

[18]

Zhu, H.: New digital signature scheme attaining immunity to adaptive-chosen message attack. Chinese Journal of Electronics 10(4), 484-486 (2001).

[19]

Zhu, H.: A formal proof of Zhu's signature scheme. Cryptology ePrint Archive, Report 2003/155 (2003), http://eprint.iacr.org/

Cited By

Fleischhacker NJager TSchröder D(2019)On Tight Security Proofs for Schnorr SignaturesJournal of Cryptology10.1007/s00145-019-09311-532:2(566-599)Online publication date: 1-Apr-2019
https://dl.acm.org/doi/10.1007/s00145-019-09311-5
Jager TKakvi SMay ALie DMannan MBackes MWang X(2018)On the Security of the PKCS#1 v1.5 Signature SchemeProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3243798(1195-1208)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3243798
Bader CJager TLi YSchäge S(2016)On the Impossibility of Tight Cryptographic ReductionsProceedings, Part II, of the 35th Annual International Conference on Advances in Cryptology --- EUROCRYPT 2016 - Volume 966610.5555/3081738.3081748(273-304)Online publication date: 8-May-2016
https://dl.acm.org/doi/10.5555/3081738.3081748
Show More Cited By

Tight proofs for signature schemes without random oracles
1. Security and privacy
2. Theory of computation

Recommendations

Tight Security for Signature Schemes Without Random Oracles

We present the first tight security proofs for two general classes of Strong RSA (SRSA) based signature schemes. Among the covered signature schemes are the signature schemes by Cramer---Shoup, Zhu, Fischlin, and the SRSA-based Camenisch---Lysyanskaya ...
Short and efficient convertible undeniable signature schemes without random oracles

A convertible undeniable signature allows a signer to confirm or disavow a non-self-authenticating signature and also convert a valid one to a publicly verifiable signature. During the conversion, existing schemes either require the signer to be ...
Efficient Strongly Unforgeable ID-Based Signature Without Random Oracles

Up to date, a large number of ID-based signature (IBS) schemes based on bilinear pairings have been proposed. Most of these IBS schemes possess existential unforgeability under adaptive chosen-message attacks, among which some offer strong ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

EUROCRYPT'11: Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology

May 2011

628 pages

ISBN:9783642204647

Editor:
Kenneth G. Paterson
Information Security Group, Royal Holloway, University of London, Egham, Surrey, UK

Sponsors

QI: Qualcomm Inc.
ERDF: The European Regional Development Fund
Guardtime: Guardtime
Swedbank: Swedbank

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 15 May 2011

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

12
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 10 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Fleischhacker NJager TSchröder D(2019)On Tight Security Proofs for Schnorr SignaturesJournal of Cryptology10.1007/s00145-019-09311-532:2(566-599)Online publication date: 1-Apr-2019
https://dl.acm.org/doi/10.1007/s00145-019-09311-5
Jager TKakvi SMay ALie DMannan MBackes MWang X(2018)On the Security of the PKCS#1 v1.5 Signature SchemeProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3243798(1195-1208)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3243798
Bader CJager TLi YSchäge S(2016)On the Impossibility of Tight Cryptographic ReductionsProceedings, Part II, of the 35th Annual International Conference on Advances in Cryptology --- EUROCRYPT 2016 - Volume 966610.5555/3081738.3081748(273-304)Online publication date: 8-May-2016
https://dl.acm.org/doi/10.5555/3081738.3081748
Hofheinz DJager T(2016)Tightly secure signatures and public-key encryptionDesigns, Codes and Cryptography10.1007/s10623-015-0062-x80:1(29-61)Online publication date: 1-Jul-2016
https://dl.acm.org/doi/10.1007/s10623-015-0062-x
Hofheinz D(2016)Algebraic PartitioningProceedings, Part I, of the 13th International Conference on Theory of Cryptography - Volume 956210.1007/978-3-662-49096-9_11(251-281)Online publication date: 10-Jan-2016
https://dl.acm.org/doi/10.1007/978-3-662-49096-9_11
Libert BPeters TJoye MYung M(2015)Compactly Hiding Linear SpansProceedings, Part I, of the 21st International Conference on Advances in Cryptology -- ASIACRYPT 2015 - Volume 945210.1007/978-3-662-48797-6_28(681-707)Online publication date: 29-Nov-2015
https://dl.acm.org/doi/10.1007/978-3-662-48797-6_28
Bader C(2014)Efficient Signatures with Tight Real World Security in the Random-Oracle ModelProceedings of the 13th International Conference on Cryptology and Network Security - Volume 881310.1007/978-3-319-12280-9_24(370-383)Online publication date: 22-Oct-2014
https://dl.acm.org/doi/10.1007/978-3-319-12280-9_24
Hofheinz DJager T(2012)Tightly Secure Signatures and Public-Key EncryptionProceedings of the 32nd Annual Cryptology Conference on Advances in Cryptology --- CRYPTO 2012 - Volume 741710.1007/978-3-642-32009-5_35(590-607)Online publication date: 19-Aug-2012
https://dl.acm.org/doi/10.1007/978-3-642-32009-5_35
Schäge S(2012)Strong security from probabilistic signature schemesProceedings of the 15th international conference on Practice and Theory in Public Key Cryptography10.1007/978-3-642-30057-8_6(84-101)Online publication date: 21-May-2012
https://dl.acm.org/doi/10.1007/978-3-642-30057-8_6
Hofheinz DJager TKnapp E(2012)Waters signatures with optimal security reductionProceedings of the 15th international conference on Practice and Theory in Public Key Cryptography10.1007/978-3-642-30057-8_5(66-83)Online publication date: 21-May-2012
https://dl.acm.org/doi/10.1007/978-3-642-30057-8_5
Show More Cited By

View Options

View options

Figures

Tables

Media

View Table of Conten