How to make efficient fail-stop signatures

Authors:
Eugène Van Heyst;Torben Pryds Pedersen
Affiliations:
CWI Centre for Mathematics and Computer Science, Amsterdam, The Netherlands;Aarhus University, Computer Science Department, Århus C, Denmark
Venue:
EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
Year:
1992

Citing 9
Cited 5

A digital signature scheme secure against adaptive chosen-message attacks

SIAM Journal on Computing - Special issue on cryptography
Zero-knowledge proofs of identity

Journal of Cryptology
The dining cryptographers in the disco: unconditional sender and recipient untraceability with computationally secure serviceability

EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
A remark on signature scheme where forgery can be proved

EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Convertible Undeniable Signatures

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing

CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer

CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
An improved protocol for demonstrating possession of discrete logarithms and some generalizations

EUROCRYPT'87 Proceedings of the 6th annual international conference on Theory and application of cryptographic techniques

On the Existence of Statistically Hiding Bit Commitment Schemes and Fail-Stop Signatures

CRYPTO '93 Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology
One-time signatures and Chameleon hash functions

SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
Efficient fail-stop signatures from the factoring assumption

ISC'11 Proceedings of the 14th international conference on Information security
The power of identification schemes

PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Two-Head dragon protocol: preventing cloning of signature keys

INTRUST'10 Proceedings of the Second international conference on Trusted Systems

Quantified Score

Hi-index	0.01

Visualization

Abstract

Fail-stop signatures (introduced in [WP89]) have the very nice property that the signer is secure against unlimited powerful forgers. However, the known fail-stap signatures require very long keys, and they are quite inefficient, because messages are signed bit-wise. This paper presents a fail-stop signature scheme, in which signing a message block requires two modular multiplications and verification requires less than two modular exponentiations. Furthermore a construction is shown of an undeniable signature scheme, which is unconditionally secure for the signer, and which allows the signer to convert undeniable signatures into fail-stop signatures. This is the first published undeniable signature having this property.