Universal one-way hash functions and their cryptographic applications
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Collision-Resistant Hashing: Towards Making UOWHFs Practical
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
On the Security of Joint Signature and Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Provably Secure and ID-Based Group Signature Scheme
AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Two-tier signatures, strongly unforgeable signatures, and Fiat-Shamir without random oracles
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
A CDH-based strongly unforgeable signature without collision resistant hash function
ProvSec'07 Proceedings of the 1st international conference on Provable security
Cryptanalysis of two signature schemes based on bilinear pairings in CISC '05
Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
Evaluating 2-DNF formulas on ciphertexts
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Efficient identity-based encryption without random oracles
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Strongly unforgeable signatures based on computational diffie-hellman
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Compact group signatures without random oracles
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Hi-index | 0.00 |
A signature scheme is strongly unforgeable if no adversary can produce a new valid signature @s on a message M even after seeing some signatures on M. We define strong unforgeability of group signature schemes and explain why the strong unforgeability of a group signature scheme is necessary. This relatively new security concept was not considered when Bellare-Micciancio-Warinschi established their security model, what we call the BMW security model, of group signature schemes. We show that a scheme proposed at Eurocrypt'06 that was proven secure in the BMW security model is not strongly unforgeable. We also present a method to convert this scheme into a strongly unforgeable group signature scheme preserving the security in the BMW security model.