Two-tier signatures from the Fiat-Shamir transform, with applications to strongly unforgeable and one-time signatures

IET Information Security

Volumn 2, Issue 2, 2008, Pages 47-63

  Bellare, M ^a   Shoup, S ^a  

^a UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ENGINEERING TECHNOLOGY; FUNCTIONS; KETONES; NETWORK PROTOCOLS; STANDARDS; TECHNOLOGY;

(OTDR) TECHNOLOGY; (PL) PROPERTIES; COMPUTATIONAL COSTS; HASH FUNCTIONS; IDENTIFICATION PROTOCOLS; ONE WAY FUNCTIONS; ONE-TIME SIGNATURE; RANDOM ORACLES; SIGNATURE SCHEMES;

COMPUTER NETWORKS;

EID: 45749116570     PISSN: 17518709     EISSN: 17518717     Source Type: Journal    
DOI: 10.1049/iet-ifs:20070089     Document Type: Article

References (40)

1. Fiat, A., and Shamir, A.: ' How to prove yourself: practical solutions to identification and signature problems ', CRYPTO'86, Santa Barbara, CA, USA, August, 1987, p. 186-194
2. Schnorr, C.-P.: ' Efficient signature generation by smart cards ', J. Cryptol., 1991, 4, (3), p. 161-174 0933-2790
3. Guillou, L.C., and Quisquater, J.-J.: ' A paradoxical identity-based signature scheme resulting from zero-knowledge ', CRYPTO'88, Santa Barbara, CA, USA, August, 1990, p. 216-231
4. Guillou, L.C., and Quisquater, J.-J.: ' A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory ', EUROCRYPT'88, Davos, Switzerland, May, 25-27, 1988
5. Pointcheval, D., and Stern, J.: ' Security arguments for digital signatures and blind signatures ', J. Cryptol., 2000, 13, (3), p. 361-396 0933-2790
6. Micali, S., Ohta, K., and Reyzin, L.: ' Accountable-subgroup multisignatures ', ACM CCS 01, Philadelphia, PA, USA, November, 5-8, 2001, p. 245-254
7. Bellare, M., and Neven, G.: ' Multi-signatures in the plain public-key model and a general forking lemma ', ACM CCS 06, Alexandria, VA, USA, November, 7-11, 2006, p. 390-399
8. Boneh, D., Boyen, X., and Shacham, H.: ' Short group signatures ', CRYPTO 2004, Santa Barbara, CA, USA, August, 15-19, 2004, p. 41-55
9. Goldwasser, S., Micali, S., and Rivest, R.L.: ' A digital signature scheme secure against adaptive chosen-message attacks ', SIAM J. Comput., 1988, 17, (2), p. 281-308 0097-5397
10. Ohta, K., and Okamoto, T.: ' On concrete security treatment of signatures derived from identification ', CRYPTO'98, Santa Barbara, CA, USA, August, 23-27, 1998, p. 354-369
11. Abdalla, M., An, J.H., Bellare, M., and Namprempre, C.: ' From identification to signatures via the Fiat-Shamir transform: minimizing assumptions for security and forward security ', EUROCRYPT 2002, Amsterdam, The Netherlands, 28 April-2 May, 2002, p. 418-433
12. Goldwasser, S., and Tauman Kalai, Y.: ' On the (in)security of the Fiat-Shamir paradigm ', 44th, FOCS, Cambridge, MA, USA, October, 11-14, 2003, p. 102-115
13. Feige, U., Fiat, A., and Shamir, A.: ' Zero knowledge proofs of identity ', J. Cryptol., 1988, 1, (2), p. 77-94 0933-2790
14. Bellare, M., and Palacio, A.: ' GQ and Schnorr identification schemes: proofs of security against impersonation under active and concurrent attacks ', CRYPTO 2002, Santa Barbara, CA, USA, August, 18-22, 2002, p. 162-177
15. Okamoto, T.: ' Provably secure and practical identification schemes and corresponding signature schemes ', CRYPTO'92, Santa Barbara, CA, USA, August, 16-20, 1992, p. 31-53
16. Bellare, M., Namprempre, C., and Neven, G.: ' Security proofs for identity-based identification and signature schemes ', EUROCRYPT 2004, Interlaken, Switzerland, May, 2-6, 2004, p. 268-286
17. Boneh, D., Shen, E., and Waters, B.: ' Strongly unforgeable signatures based on computational Diffie-Hellman ', PKC 2006, New York, NY, USA, April, 24-26, 2006, p. 229-240
18. Waters, B.R.: ' Efficient identity-based encryption without random oracles ', EUROCRYPT 2005, Aarhus, Denmark, May, 22-26, 2005, p. 114-127
19. Even, S., Goldreich Oded, and Micali, S.: ' On-line/off-line digital signatures ', J. Cryptol., 1996, 9, (1), p. 35-67 0933-2790
20. Bleichenbacher, D., and Maurer, U.: ' On the efficiency of one-time digital signatures ', ASIACRYPT'96, Kyongju, Korea, November, 3-7, 1996, p. 196-209
21. Dai W.: 'Crypto++ library', http://www.cryptopp.com/
22. Dolev, D., Dwork, C., and Naor, M.: ' Non-malleable cryptography ', SIAM J. Comput., 2000, 30, (2), p. 391-437 0097-5397
23. Lindell, Y.: ' A simpler construction of CCA2-secure public-key encryption under general assumptions ', J. Cryptol., 2006, 19, (3), p. 359-377 0933-2790
24. Canetti, R., Halevi, S., and Katz, J.: ' Chosen-ciphertext security from identity-based encryption ', SIAM J. Comput., 2006, 36, (5), p. 915-942 0097-5397
25. Dodis, Y., and Katz, J.: ' Chosen-ciphertext security of multiple encryption ', TCC 2005, Cambridge, MA, USA, February, 10-12, 2005, p. 188-209
26. Cramer, R., and Damgård, I.: ' Secure signature schemes based on interactive protocols ', CRYPTO'95, Santa Barbara, CA, USA, August, 27-31, 1995, p. 297-310
27. ' Generic transformation to strongly unforgeable signatures ', Cryptology ePrint Archive, Report 2006/346, 2006, http://eprint.iacr.org/2006/346
28. Teranishi, I., Oyama, T., and Ogata, W.: ' General conversion for obtaining strongly existentially unforgeable signatures ', INDOCRYPT 2006, p. 191-205
29. Steinfeld, R., Pieprzyk, J., and Wang, H.: ' How to strengthen any weakly unforgeable signature into a strongly unforgeable signature ', CT-RSA 2007, San Francisco, CA, USA, February, 5-9, 2007, p. 357-371
30. Goldreich, O.: ' Foundations of cryptography, vol. 2: Basic applications ', (Cambridge University Press, Cambridge, UK, 2004)
31. Paillier, P., and Vergnaud, D.: ' Discrete-log-based signatures may not be equivalent to discrete log ', ASIACRYPT 2005, Chennai, India, December, 4-8, 2005
32. Bellare, M., Namprempre, C., Pointcheval, D., and Semanko, M.: ' The one-more-RSA-inversion problems and the security of Chaum's blind signature scheme ', J. Cryptol., 2003, 16, (3), p. 185-215 0933-2790
33. Shamir, A., and Tauman, Y.: ' Improved online/offiine signature schemes ', CRYPTO 2001, Santa Barbara, CA, USA, August, 19-23, 2001, p. 355-367
34. Cramer, R.: ' Modular design of secure yet practical cryptographic protocols ', November, 1996, PhD, CWI and University of Amsterdam
35. Goldreich, O., and Krawczyk, H.: ' On the composition of zero-knowledge proof systems ', SIAM J. Comput., 1996, 25, (1), p. 169-192 0097-5397
36. Feige, U., and Shamir, A.: ' Witness indistinguishable and witness hiding protocols ', 22nd, ACM STOC, Seattle, WA, USA, May, 15-17, 1990, p. 416-426
37. Menezes, A.J., van Oorschot, P.C., and Vanstone, S.A.: ' Handbook of applied cryptography ', (CRC Press, Boca Raton, FL, 1997), The CRC Press Series on Discrete Mathematics and its Applications
38. Shamir, A.: ' Identity-based cryptosystems and signature schemes ', CRYPTO'84, Santa Barbara, CA, USA, August, 19-23, 1985, p. 47-53
39. Hess, F.: ' Efficient identity based signature schemes based on pairings ', SAC 2002, St. John's, Newfoundland, Canada, August, 15-16, 2003, p. 310-324
40. Cha, J.C., and Cheon, J.H.: ' An identity-based signature from gap Diffie-Hellman groups ', PKC 2003, Miami, USA, January, 6-8, 2003, p. 18-30