How to construct random functions
Journal of the ACM (JACM)
One-way functions and Pseudorandom generators
Combinatorica - Theory of Computing
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
One-way functions are necessary and sufficient for secure signatures
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
A fast quantum mechanical algorithm for database search
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
Perfectly one-way probabilistic hash functions (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
The security of the cipher block chaining message authentication code
Journal of Computer and System Sciences
The BiBa one-time signature and broadcast authentication protocol
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Better than BiBa: Short One-Time Signatures with Fast Signing and Verifying
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Directed Acyclic Graphs, One-way Functions and Digital Signatures
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient Authentication and Signing of Multicast Streams over Lossy Channels
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Seven cardinal properties of sensor network broadcast authentication
Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks
Theory and application of trapdoor functions
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Algorithms for quantum computation: discrete logarithms and factoring
SFCS '94 Proceedings of the 35th Annual Symposium on Foundations of Computer Science
Merkle Signatures with Virtually Unlimited Signature Capacity
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Digital Signatures Out of Second-Preimage Resistant Hash Functions
PQCrypto '08 Proceedings of the 2nd International Workshop on Post-Quantum Cryptography
Pseudorandom function tribe ensembles based on one-way permutations: improvements and applications
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
New proofs for NMAC and HMAC: security without collision-resistance
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Hash based digital signature schemes
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
XMSS - a practical forward secure signature scheme based on minimal security assumptions
PQCrypto'11 Proceedings of the 4th international conference on Post-Quantum Cryptography
On the security of the Winternitz one-time signature scheme
International Journal of Applied Cryptography
Hi-index | 0.00 |
We show that the Winternitz one-time signature scheme is existentially unforgeable under adaptive chosen message attacks when instantiated with a family of pseudo random functions. Compared to previous results, which require a collision resistant hash function, our result provides significantly smaller signatures at the same security level. We also consider security in the strong sense and show that the Winternitz one-time signature scheme is strongly unforgeable assuming additional properties of the pseudo random function. In this context we formally define several key-based security notions for function families and investigate their relation to pseudorandomness. All our reductions are exact and in the standard model and can directly be used to estimate the output length of the hash function required to meet a certain security level.