Abstract
We propose the first forward-secure signature scheme for which both signing and verifying are as efficient as for one of the most efficient ordinary signature schemes (Guillou-Quisquater [GQ88]), each requiring just two modular exponentiations with a short exponent. All previously proposed forward-secure signature schemes took significantly longer to sign and verify than ordinary signature schemes.
Our scheme requires only fractional increases to the sizes of keys and signatures, and no additional public storage. Like the underlying [GQ88] scheme, our scheme is provably secure in the random oracle model.
References
Ross Anderson. Invited lecture. Fourth Annual Conference on Computer and Communications Security, ACM, 1997.
Michel Abdalla and Leonid Reyzin. A new forward-secure digital signature scheme. In Advances in Cryptology—ASIACRYPT 2000, Springer-Verlag 2000. Full version available from the Cryptology ePrint Archive, record 2000/002, http://eprint.iacr.org/.
Mihir Bellare and Sara Miner. A forward-secure digital signature scheme. In Advances in Cryptology—CRYPTO’ 99, Springer-Verlag, 1999. Revised version is available from http://www.cs.ucsd.edu/mihir/.
Niko Barić and Birgit Pfitzmann. Collision-free accumulators and fail-stop signature schemes without trees. In Advances in Cryptology—EUROCRYPT 97, Springer-Verlag, 1997.
Mihir Bellare and Phillip Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In Proceedings of the 1st ACM Conference on Computer and Communication Security, pages 62–73, November 1993. Revised version appears in http://www-cse.ucsd.edu/users/mihir/papers/crypto-papers.html.
Eric Bach and Jeffrey Shallit. Algorithmic Number Theory. MIT Press, Cambridge, MA, 1996.
Eiichiro Fujisaki and Tatsuaki Okamoto. Statistical zero knowledge protocols to prove modular polynomial relations. In Burton S. Kaliski Jr., editor, Advances in Cryptology—CRYPTO’ 97, volume 1294 of Lecture Notes in Computer Science, pages 16–30. Springer-Verlag, 17–21 August 1997.
Amos Fiat and Adi Shamir. How to prove yourself: Practical solutions to identification and signature problems. In Andrew M. Odlyzko, editor, Advances in Cryptology—CRYPTO’ 86, volume 263 of Lecture Notes in Computer Science, pages 186–194. Springer-Verlag, 1987, 11–15 August 1986.
Shafi Goldwasser, Silvio Micali, and Ronald L. Rivest. A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing, 17(2):281–308, April 1988.
Shafi Goldwasser, editor. Advances in Cryptology—CRYPTO’ 88, volume 403 of Lecture Notes in Computer Science. Springer-Verlag, 1990, 21–25 August 1988.
Louis Claude Guillou and Jean-Jacques Quisquater. A “paradoxical” indentity-based signature scheme resulting from zero-knowledge. In Goldwasser [Gol88], pages 216–231.
Hugo Krawczyk. Simple forward-secure signatures from any signature scheme. In Seventh ACM Conference on Computer and Communication Security. ACM, November 1–4 2000.
Silvio Micali and Gene Itkis. Private Communication.
Silvio Micali. A secure and efficient digital signature algorithm. Technical Report MIT/LCS/TM-501, Massachusetts Institute of Technology, Cambridge, MA, March 1994.
Silvio Micali and Leonid Reyzin. Improving the exact security of Fiat-Shamir signature schemes. In R. Baumgart, editor, Secure Networking — CQRE [Secure]’ 99, volume 1740 of Lecture Notes in Computer Science, pages 167–182. Springer-Verlag, 1999.
Kazuo Ohta and Tatsuaki Okamoto. A modification of the Fiat-Shamir scheme. In Goldwasser [Gol88], pages 232–243.
H. Ong and Claus P. Schnorr. Fast signature generation with a Fiat Shamir-like scheme. In I. B. Damgård, editor, Advances in Cryptology—EUROCRYPT 90, volume 473 of Lecture Notes in Computer Science, pages 432–440. Springer-Verlag, 1991, 21–24 May 1990.
David Pointcheval and Jacques Stern. Security proofs for signature schemes. In Ueli Maurer, editor, Advances in Cryptology—EUROCRYPT 96, volume 1070 of Lecture Notes in Computer Science, pages 387–398. Springer-Verlag, 12–16 May 1996.
Adi Shamir. On the generation of cryptographically strong pseudorandom sequences. ACM Transactions on Computer Systems, 1(1):38–44, February 1983.
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Itkis, G., Reyzin, L. (2001). Forward-Secure Signatures with Optimal Signing and Verifying. In: Kilian, J. (eds) Advances in Cryptology — CRYPTO 2001. CRYPTO 2001. Lecture Notes in Computer Science, vol 2139. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44647-8_20
DOI: https://doi.org/10.1007/3-540-44647-8_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42456-7
Online ISBN: 978-3-540-44647-7
eBook Packages: Springer Book Archive