How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
SIAM Journal on Computing
Robust Non-interactive Zero Knowledge
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A Design Principle for Hash Functions
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
One Way Hash Functions and DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
On Concrete Security Treatment of Signatures Derived from Identification
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Non-Malleable Non-Interactive Zero Knowledge and Adaptive Chosen-Ciphertext Security
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Universal Arguments and their Applications
CCC '02 Proceedings of the 17th IEEE Annual Conference on Computational Complexity
How to Go Beyond the Black-Box Simulation Barrier
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
On the (In)security of the Fiat-Shamir Paradigm
FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
SFCS '94 Proceedings of the 35th Annual Symposium on Foundations of Computer Science
Improved Indifferentiability Security Analysis of chopMD Hash Function
Fast Software Encryption
Security proofs for signature schemes
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Domain extension of public random functions: beyond the birthday Barrier
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
On seed-incompressible functions
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Multi-property-preserving hash domain extension and the EMD transform
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Analysis of random oracle instantiation scenarios for OAEP and other practical schemes
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Merkle-Damgård revisited: how to construct a hash function
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
On the generic insecurity of the full domain hash
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Hi-index | 0.01 |
At FOCS 2003, Goldwasser and Kalai showed the insecurity of the digital signature schemes obtained by the Fiat-Shamir transformation in the standard model. However, the proof of this negative result is complicated. This paper shows a much simpler counter example in the restricted (but realistic) case that the hash functions are designed by iterating an underlying hash function with an a-priori bounded input length, although we slightly extend the Fiat-Shamir paradigm. The result in [19] ruled out the case that the underlying identification schemes are interactive proofs, whereas this result can apply to the case.