How to construct random functions
Journal of the ACM (JACM)
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
One-way functions are necessary and sufficient for secure signatures
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
A fast quantum mechanical algorithm for database search
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
Perfectly one-way probabilistic hash functions (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
A Pseudorandom Generator from any One-way Function
SIAM Journal on Computing
The security of the cipher block chaining message authentication code
Journal of Computer and System Sciences
The BiBa one-time signature and broadcast authentication protocol
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Better than BiBa: Short One-Time Signatures with Fast Signing and Verifying
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
One Way Hash Functions and DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Directed Acyclic Graphs, One-way Functions and Digital Signatures
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Practical and Provably Secure Coalition-Resistant Group Signature Scheme
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Pseudorandom functions revisited: the cascade construction and its concrete security
FOCS '96 Proceedings of the 37th Annual Symposium on Foundations of Computer Science
Efficient Authentication and Signing of Multicast Streams over Lossy Channels
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Seven cardinal properties of sensor network broadcast authentication
Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks
Algorithms for quantum computation: discrete logarithms and factoring
SFCS '94 Proceedings of the 35th Annual Symposium on Foundations of Computer Science
Merkle Signatures with Virtually Unlimited Signature Capacity
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Digital Signatures Out of Second-Preimage Resistant Hash Functions
PQCrypto '08 Proceedings of the 2nd International Workshop on Post-Quantum Cryptography
Pseudorandom function tribe ensembles based on one-way permutations: improvements and applications
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
On the security of the Winternitz one-time signature scheme
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
New proofs for NMAC and HMAC: security without collision-resistance
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Hash based digital signature schemes
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
XMSS - a practical forward secure signature scheme based on minimal security assumptions
PQCrypto'11 Proceedings of the 4th international conference on Post-Quantum Cryptography
Hi-index | 0.00 |
We show that the Winternitz one-time signature scheme is existentially unforgeable under adaptive chosen message attacks when instantiated with a family of pseudorandom functions. Our result halves the signature size at the same security level, compared to previous results, which require a collision resistant hash function. We also consider security in the strong sense and show that the Winternitz one-time signature scheme is strongly unforgeable assuming additional properties of the pseudorandom function family. In this context we formally define several key-based security notions for function families and investigate their relation to pseudorandomness. All our reductions are exact and in the standard model and can directly be used to estimate the output length of the hash function required to meet a certain security level.