STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
SOSP '89 Proceedings of the twelfth ACM symposium on Operating systems principles
A remark on signature scheme where forgery can be proved
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Zero-knowledge undeniable signatures (extended abstract)
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
A semantics for a logic of authentication (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
CRYPTO '89 Proceedings on Advances in cryptology
The temporal logic of reactive and concurrent systems
The temporal logic of reactive and concurrent systems
The digital signature standard
Communications of the ACM
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Digital signatures with RSA and other public-key cryptosystems
Communications of the ACM
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Unconditional Byzantine Agreement for any Number of Faulty Processors
STACS '92 Proceedings of the 9th Annual Symposium on Theoretical Aspects of Computer Science
Convertible Undeniable Signatures
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Unconditionally Secure Digital Signatures
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Provably Unforgeable Signatures
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
New Constructions of Fail-Stop Signatures and Lower Bounds (Extended Abstract)
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
A Logical Language for Specifying Cryptographic Protocol Requirements
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Composition and integrity preservation of secure reactive systems
Proceedings of the 7th ACM conference on Computer and communications security
Security Notions for Unconditionally Secure Signature Schemes
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
How to break another "provably secure" payment system
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Hi-index | 0.00 |
Digital signature schemes are a fundamental tool for secure distributed systems. It is important to have a formal notion of what a secure digital signature scheme is, so that there is a clear interface between designers and users of such schemes. A definition that seemed final was given by Goldwasser, Micali, and Rivest in 1988, and although most signature schemes used in practice cannot be proved secure with respect to it, they are all built so that they hopefully fulfil it, e.g., by the inclusion of hash functions or redundancy to counter active attacks.Recently, however, several signature schemes with new security properties have been presented. Most of them exist in several variants, and some of them pay for the new properties with restrictions in other respects, whose relation is not always clear. Obviously, these new properties need definitions and some classification. Unfortunately, however, none of the new schemes is covered by the definition mentioned above. Hence the new properties cannot be defined as additions, but each new type of scheme needs a new definition from scratch, although there are similarities between the definitions. This is unsatisfactory.This paper presents (an overview of) a general definition of digital signature schemes that covers all known schemes, and hopefully all that might be invented in future. Additional properties of special types of schemes are then presented in an orthogonal way, so that existing schemes can be classified systematically. It turns out that signature schemes are best defined by a separation of service, structure, and degree of security, with a service specification in temporal logic. Several parts of such a definition can easily be reused for general definitions of other classes of cryptologic schemes.Relations to secure multi-party protocols and logics of authentication are discussed.