Two remarks concerning the Goldwasser-Micali-Rivest signature scheme
Proceedings on Advances in cryptology---CRYPTO '86
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Universal one-way hash functions and their cryptographic applications
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
One-way functions are necessary and sufficient for secure signatures
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
The longtime behavior of solutions to a quasilinear combustion model
Nonlinear Analysis: Theory, Methods & Applications
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Signature schemes based on the strong RSA assumption
ACM Transactions on Information and System Security (TISSEC)
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Twin signatures: an alternative to the hash-and-sign paradigm
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
On the Exact Security of Full Domain Hash
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Improved Online/Offline Signature Schemes
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
A Digital Signature Based on a Conventional Encryption Function
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Provably Unforgeable Signatures
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
An Efficient Existentially Unforgeable Signature Scheme and its Applications
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
New Generation of Secure and Practical RSA-Based Signatures
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
The Cramer-Shoup Strong-RSASignature Scheme Revisited
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Efficient Generation of Prime Numbers
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Efficiency improvements for signature schemes with tight security reductions
Proceedings of the 10th ACM conference on Computer and communications security
Short Signatures from the Weil Pairing
Journal of Cryptology
Another Look at "Provable Security"
Journal of Cryptology
Security proofs for signature schemes
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
The exact security of digital signatures-how to sign with RSA and Rabin
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Collision-free accumulators and fail-stop signature schemes without trees
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Secure hash-and-sign signatures without the random oracle
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Security analysis of the Gennaro-Halevi-Rabin signature scheme
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
A signature scheme as secure as the Diffie-Hellman problem
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
A signature scheme with efficient protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Discrete-Log-Based signatures may not be equivalent to discrete log
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Cramer-Damgård signatures revisited: efficient flat-tree signatures based on factoring
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Efficient identity-based encryption without random oracles
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
A new baby-step giant-step algorithm and some applications to cryptanalysis
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Strongly unforgeable signatures based on computational diffie-hellman
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
New online/offline signature schemes without random oracles
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Programmable Hash Functions and Their Applications
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
An Efficient On-Line/Off-Line Signature Scheme without Random Oracles
CANS '08 Proceedings of the 7th International Conference on Cryptology and Network Security
Twin Signature Schemes, Revisited
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Generic security-amplifying methods of ordinary digital signatures
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
How (Not) to design strong-RSA signatures
Designs, Codes and Cryptography
Tight proofs for signature schemes without random oracles
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Short signatures from weaker assumptions
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
All-But-Many lossy trapdoor functions
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Waters signatures with optimal security reduction
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
| Hi-index | 0.00 |
In 1999, two signature schemes based on the flexible RSA problem (a.k.a. strong RSA problem) were independently introduced: the Gennaro-Halevi-Rabin (GHR) signature scheme and the Cramer-Shoup (CS) signature scheme. Remarkably, these schemes meet the highest security notion in the standard model. They however differ in their implementation. The CS scheme and its subsequent variants and extensions proposed so far feature a loose security reduction, which, in turn, implies larger security parameters. The security of the GHR scheme and of its twinning-based variant are shown to be tightly based on the flexible RSA problem but additionally (i) either assumes the existence of division-intractable hash functions, or (ii) requires an injective mapping into the prime numbers in both the signing and verification algorithms. In this paper, we revisit the GHR signature scheme and completely remove the extra assumption made on the hash functions without relying on injective prime mappings. As a result, we obtain a practical signature scheme (and an on-line/off-line variant thereof) whose security is solely and tightly related to the strong RSA assumption.