Results 1  10
of
84,600
The exact security of digital signatures  How to sign with RSA and Rabin
, 1996
"... We describe an RSAbased signing scheme called PSS which combines essentially optimal efficiency with attractive security properties. Signing takes one RSA decryption plus some hashing, ..."
Abstract

Cited by 385 (17 self)
 Add to MetaCart
We describe an RSAbased signing scheme called PSS which combines essentially optimal efficiency with attractive security properties. Signing takes one RSA decryption plus some hashing,
On the Importance of Checking Cryptographic Protocols for Faults
, 1997
"... We present a theoretical model for breaking various cryptographic schemes by taking advantage of random hardware faults. We show how to attack certain implementations of RSA and Rabin signatures. An implementation of RSA based on the Chinese Remainder Theorem can be broken using a single erroneous s ..."
Abstract

Cited by 397 (6 self)
 Add to MetaCart
We present a theoretical model for breaking various cryptographic schemes by taking advantage of random hardware faults. We show how to attack certain implementations of RSA and Rabin signatures. An implementation of RSA based on the Chinese Remainder Theorem can be broken using a single erroneous
How to compress rabin ciphertexts and signatures (and more
 Proceedings of Crypto 2004, volume 3152 of LNCS
, 2004
"... Abstract. Ordinarily, RSA and Rabin ciphertexts and signatures are log N bits, where N is a composite modulus; here, we describe how to “compress ” Rabin ciphertexts and signatures (among other things) down to about (2/3) log N bits, while maintaining a tight provable reduction from factoring in the ..."
Abstract

Cited by 6 (0 self)
 Add to MetaCart
Abstract. Ordinarily, RSA and Rabin ciphertexts and signatures are log N bits, where N is a composite modulus; here, we describe how to “compress ” Rabin ciphertexts and signatures (among other things) down to about (2/3) log N bits, while maintaining a tight provable reduction from factoring
Universal OneWay Hash Functions and their Cryptographic Applications
, 1989
"... We define a Universal OneWay Hash Function family, a new primitive which enables the compression of elements in the function domain. The main property of this primitive is that given an element x in the domain, it is computationally hard to find a different domain element which collides with x. We ..."
Abstract

Cited by 346 (15 self)
 Add to MetaCart
We define a Universal OneWay Hash Function family, a new primitive which enables the compression of elements in the function domain. The main property of this primitive is that given an element x in the domain, it is computationally hard to find a different domain element which collides with x. We
PROVING TIGHT SECURITY FOR STANDARD RABINWILLIAMS SIGNATURES
, 2003
"... This paper discusses the security of the RabinWilliams publickey signature system with a deterministic signing algorithm that computes “standard signatures.” The paper proves that any generic attack on standard RabinWilliams signatures can be mechanically converted into a factorization algorithm ..."
Abstract

Cited by 4 (1 self)
 Add to MetaCart
This paper discusses the security of the RabinWilliams publickey signature system with a deterministic signing algorithm that computes “standard signatures.” The paper proves that any generic attack on standard RabinWilliams signatures can be mechanically converted into a factorization algorithm
Network Centric Warfare: Developing and Leveraging Information Superiority
 Command and Control Research Program (CCRP), US DoD
, 2000
"... the mission of improving DoD’s understanding of the national security implications of the Information Age. Focusing upon improving both the state of the art and the state of the practice of command and control, the CCRP helps DoD take full advantage of the opportunities afforded by emerging technolo ..."
Abstract

Cited by 308 (5 self)
 Add to MetaCart
the mission of improving DoD’s understanding of the national security implications of the Information Age. Focusing upon improving both the state of the art and the state of the practice of command and control, the CCRP helps DoD take full advantage of the opportunities afforded by emerging technologies. The CCRP pursues a broad program of research and analysis in information superiority, information operations, command and control theory, and associated operational concepts that enable us to leverage shared awareness to improve the effectiveness and efficiency of assigned missions. An important aspect of the CCRP program is its ability to serve as a bridge between the operational, technical, analytical, and educational communities. The CCRP provides leadership for the command and control research community by: n n
On Rabintype Signatures
, 2001
"... This paper specializes the signature forgery by Coron, Naccache and Stern (1999) to Rabintype systems. We present a variation in which the adversary may derive the private keys and thereby forge the signature on any chosen message. Further, we demonstrate that, contrary to the RSA, the use of large ..."
Abstract
 Add to MetaCart
This paper specializes the signature forgery by Coron, Naccache and Stern (1999) to Rabintype systems. We present a variation in which the adversary may derive the private keys and thereby forge the signature on any chosen message. Further, we demonstrate that, contrary to the RSA, the use
Digital Signatures for Flows and Multicasts
, 1999
"... We present chaining techniques for signing/verifying multiple packets using a single signing/verification operation. We then present flow signing and verification procedures based upon a tree chaining technique. Since a single signing/verification operation is amortized over many packets, these proc ..."
Abstract

Cited by 164 (2 self)
 Add to MetaCart
to four other digital signature schemes (RSA, DSA, ElGamal, Rabin). We compare their signing and verification times, as well as key and signature sizes. We observe that (i) eFFS is the fastest in signing (by a large margin over any of the other four schemes) and as fast as RSA in verification (tie for a
Proving tight security for Rabin/Williams signatures
 In EUROCRYPT
, 2008
"... This paper proves “tight security in the randomoracle model relative to factorization ” for the lowestcost signature systems available today: every hashgeneric signatureforging attack can be converted, with negligible loss of efficiency and effectiveness, into an algorithm to factor the public k ..."
Abstract

Cited by 20 (3 self)
 Add to MetaCart
key. The most surprising system is the “fixed unstructured B = 0 RabinWilliams” system, which has a tight security proof despite hashing unrandomized messages. At a lower level, the three main accomplishments of the paper are (1) a “B ≥ 1 ” proof that handles some of the lowestcost signature systems
Results 1  10
of
84,600