A signature scheme as secure as the Diffie-Hellman problem

A signature scheme as secure as the Diffie-Hellman problem (2003)

Cached

Download Links

Other Repositories/Bibliography

DBLP

by Eu-jin Goh

Venue:	Proceedings of Eurocrypt 2003, volume 2656 of LNCS
Citations:	21 - 1 self

BibTeX

@INPROCEEDINGS{Goh03asignature,
    author = {Eu-jin Goh},
    title = {A signature scheme as secure as the Diffie-Hellman problem},
    booktitle = {Proceedings of Eurocrypt 2003, volume 2656 of LNCS},
    year = {2003},
    pages = {401--415},
    publisher = {Springer-Verlag}
}

Bookmark

OpenURL

Abstract

Abstract. We show a signature scheme whose security is tightly related to the Computational Diffie-Hellman (CDH) assumption in the Random Oracle Model. Existing discrete-log based signature schemes, such as ElGamal, DSS, and Schnorr signatures, either require non-standard assumptions, or their security is only loosely related to the discrete logarithm (DL) assumption using Pointcheval and Stern’s “forking ” lemma. Since the hardness of the CDH problem is widely believed to be closely related to the hardness of the DL problem, the signature scheme presented here offers better security guarantees than existing discrete-log based signature schemes. Furthermore, the new scheme has comparable efficiency to existing schemes. The signature scheme was previously proposed in the cryptographic literature on at least two occasions. However, no security analysis was done, probably because the scheme was viewed as a slight modification of Schnorr signatures. In particular, the scheme’s tight security reduction to CDH has remained unnoticed until now. Interestingly, this discrete-log based signature scheme is similar to the trapdoor permutation based PSS signatures proposed by Bellare and Rogaway, and has a tight reduction for a similar reason.

Citations

2292	New Directions in Cryptography - Diffie, Hellman
1130	Random oracles are practical: A paradigm for designing efficient protocols - Bellare, Rogaway - 1993
961	A public key cryptosystem and a signature scheme based on discrete logarithms - ElGamal - 1985
711	A digital signature scheme secure against adaptive chosenmessage attacks - Goldwasser, Micali, et al. - 1988
706	A.: How to prove yourself: Practical solutions to identification and signature problems - Fiat, Shamir - 1986
460	H.: Short signatures from the Weil pairing - Boneh, Lynn, et al. - 2002
288	The exact security of digital signatures - how to sign with rsa and rabin - Bellare, Rogaway - 1996
284	M.: Universal one-way hash functions and their cryptographic applications - Naor, Yung - 1989
261	Efficient Identification and Signatures for Smart Cards. CRYPTO - Schnorr - 1989
191	Security Proofs for Signature Schemes - Pointcheval, Stern - 1996
171	One-way functions are necessary and sufficient for secure signatures - Rompel - 1990
127	Signature schemes based on the strong RSA assumption - Cramer, Shoup
107	The gap-problems: a new class of problems for the security of cryptographic schemes - Okamoto, Pointcheval - 2001
106	Secure hash-and-sign signatures without the random oracle - Gennaro, Halevi, et al. - 1999
103	Fast Batch Verification for Modular Exponentiation and Digital Signatures - Bellare, Garay, et al. - 1998
94	Securing Threshold Cryptosystems against Chosen Ciphertext Attack - Shoup, Gennaro
69	Algorithms for black box fields and their application to cryptography - Boneh, Lipton - 1996
61	Fast exponentiation with precomputation - Brickell, Gordon, et al. - 1992
56	Oded Goldreich, and Shai Halevi, The random oracle methodology, revisited - Canetti - 1998
41	Proof systems for general statements about discrete logarithms - Camenisch, Stadler - 1997
38	bounds for discrete logarithms and related problems - Lower - 1997
36	On concrete security treatment of signatures derived from identification - Ohta, Okamoto - 1998
24	The relationship between breaking the Diffie-Hellman protocol and computing discrete logarithms - Maurer, Wolf - 1999
23	Design validations for discrete logarithm based signature schemes - Brickell, Pointcheval, et al. - 2000
22	Jan-Hendrik Evertse, Jeroen van de Graaf, and René Peralta. Demonstrating Possession of a Discrete Logarithm Without Revealing It - Chaum - 1987
16	Chaum and Torben Pryds Pedersen. Wallet Databases with Observers (extended abstract - David - 1992
14	and Yael Tauman. Improved online/offline signature schemes - Shamir - 2001
10	Efficient Oblivious Proofs of Correct Exponentiation - Jakobsson, Schnorr - 1999
10	Improving the exact security of digital signature schemes - Micali, Reyzin