A short signature scheme from the RSA family

Authors:
Ping Yu;Rui Xue
Affiliations:
State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China;State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China
Venue:
ISC'10 Proceedings of the 13th international conference on Information security
Year:
2010

Citing 12
Cited 0

A digital signature scheme secure against adaptive chosen-message attacks

SIAM Journal on Computing - Special issue on cryptography
Random oracles are practical: a paradigm for designing efficient protocols

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The random oracle methodology, revisited (preliminary version)

STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Improved Online/Offline Signature Schemes

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Short Signatures from the Weil Pairing

ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Short and Stateless Signatures from the RSA Assumption

CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Collision-free accumulators and fail-stop signature schemes without trees

EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Secure hash-and-sign signatures without the random oracle

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
A signature scheme with efficient protocols

SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Cryptography in subgroups of Zn

TCC'05 Proceedings of the Second international conference on Theory of Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose a short signature scheme based on the complexity assumptions related to the RSA modulus. More specifically, the new scheme is secure in the standard model based on the strong RSA subgroup assumption. Most short signature schemes are based on either the discrete logarithm problem (or its variants), or the problems from bilinear mapping. So far we are not aware of any signature schemes in the RSA family can produce a signature shorter than the RSA modulus (in a typical setting, an RSA modulus is 1024 bits). The new scheme can produce a 420-bit signature, much shorter than the RSA modulus. In addition, the new scheme is very efficient. It only needs one modulo exponentiation with a 200-bit exponent to produce a signature. In comparison, most RSA-type signature schemes at least need one modulo exponentiation with 1024- bit exponent, whose cost is more than five times of the new scheme's.