Enhancing the security of perfect blind DL-signatures

Authors:
Claus Peter Schnorr
Affiliations:
Fachbereiche Mathematik/Biologie-Informatik, Universität Frankfurt, PSF 111932, D-60054 Frankfurt am Main, Germany
Venue:
Information Sciences: an International Journal
Year:
2006

Citing 7
Cited 2

How to find and avoid collisions for the knapsack hash function

EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
The random oracle methodology, revisited (preliminary version)

STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Security of Blind Discrete Log Signatures against Interactive Attacks

ICICS '01 Proceedings of the Third International Conference on Information and Communications Security
A Generalized Birthday Problem

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Wallet Databases with Observers

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Security proofs for signature schemes

EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Lower bounds for discrete logarithms and related problems

EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques

A novel ID-based designated verifier signature scheme

Information Sciences: an International Journal
Pseudo-cryptanalysis of Luffa

Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology

Quantified Score

Hi-index	0.07

Visualization

Abstract

We enhance the security of Schnorr blind signatures against the novel one-more-forgery of C.P. Schnorr [Security of blind discrete log signatures against interactive attacks, in: ICICS 2001, LNCS, vol. 2229, 2001, Springer-Verlag, Berlin, pp. 1-12] and D. Wagner [A generalized birthday problem, in: Proceedings Crypto'02, LNCS, vol. 2442, Springer-Verlag, Berlin, 2002, pp. 288-303] which is possible even if the discrete logarithm is hard to compute. We show two limitations of this attack. Firstly, replacing the group G by the s-fold direct product G^x^s increases the work of the attack, for a given number of signer interactions, to the s-power while increasing the work of the blind signature protocol merely by a factor s. Secondly, we bound the number of additional signatures per signer interaction that can be efficiently forged by known methods. That fraction of the additional forged signatures can be made arbitrarily small. Our security proofs assume both the random oracle and the generic group model.