How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
On the fly signatures based on factoring
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Signature schemes based on the strong RSA assumption
ACM Transactions on Information and System Security (TISSEC)
Improved Online/Offline Signature Schemes
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Flaws in Applying Proof Methodologies to Signature Schemes
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
New Generation of Secure and Practical RSA-Based Signatures
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
The Cramer-Shoup Strong-RSASignature Scheme Revisited
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Collision-free accumulators and fail-stop signature schemes without trees
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Secure hash-and-sign signatures without the random oracle
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
A signature scheme with efficient protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
How (Not) to design strong-RSA signatures
Designs, Codes and Cryptography
Hi-index | 0.00 |
This paper analyzes the security of a very efficient signature scheme proposed by C.H. Tan, X. Yi and C.K. Siew: the TYS signature scheme. We show that this scheme is universally forgeable; more specifically, we show that anyone is able to produce a valid TYS signature on a chosen message from an arbitrary valid message/signature pair. We also suggest modifications to the TYS signature scheme and relate the resulting scheme to the Camenisch-Lysyanskaya signature scheme.