Two remarks concerning the Goldwasser-Micali-Rivest signature scheme
Proceedings on Advances in cryptology---CRYPTO '86
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Universal one-way hash functions and their cryptographic applications
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
One-way functions are necessary and sufficient for secure signatures
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
One-way accumulators: a decentralized alternative to digital signatures
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Improved privacy in wallets with observers
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
How To Sign Given Any Trapdoor Function
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Provably Unforgeable Signatures
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Wallet Databases with Observers
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
An Efficient Existentially Unforgeable Signature Scheme and its Applications
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Escure Signature Schemes based on Interactive Protocols
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Efficient and Provable Security Amplifications
Proceedings of the International Workshop on Security Protocols
Generic Lower Bounds for Root Extraction and Signature Schemes in General Groups
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Optimal Security Proofs for PSS and Other Signature Schemes
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Authentication of Concast Communication
INDOCRYPT '02 Proceedings of the Third International Conference on Cryptology: Progress in Cryptology
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Realizing Hash-and-Sign Signatures under Standard Assumptions
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
A Storage Efficient Redactable Signature in the Standard Model
ISC '09 Proceedings of the 12th International Conference on Information Security
How (Not) to design strong-RSA signatures
Designs, Codes and Cryptography
Independent zero-knowledge sets
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Cramer-Damgård signatures revisited: efficient flat-tree signatures based on factoring
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Justifying a dolev-yao model under active attacks
Foundations of Security Analysis and Design III
A new RSA-based signature scheme
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
Strongly unforgeable signatures based on computational diffie-hellman
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
A practical and tightly secure signature scheme without hash function
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Hi-index | 0.00 |
For most digital signature schemes used in practice, such as ISO9796/RSA or DSA, it has only been shown that certain plausible cryptographic assumptions, such as the difficulty of factoring integers, computing discrete logarithms or the collision-intractability of certain hash-functions are necessary for the security of the scheme, while their sufficiency is, strictly speaking, an open question. A clear advantage of such schemes over many signature schemes with security proven relative to such common cryptographic assumptions, is their efficiency: as a result of their relatively weak requirements regarding computation, bandwidth and storage, these schemes have so far beaten proven secure schemes in practice. Our aim is to contribute to the bridging of the gap that seems to exist between the theory and practice of digital signature schemes. We present a digital signature that offers both proven security and practical value. More precisely, under an appropriate assumption about RSA, the scheme is proven to be not existentially forgeable under adaptively chosen message attacks. We also identify some applications where our scheme can be conveniently implemented using dedicated smartcards that are available today.