Authentication theory/coding theory
Proceedings of CRYPTO 84 on Advances in cryptology
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Authentication codes for nontrusting parties obtained from rank metric codes
Designs, Codes and Cryptography
SIAM Journal on Computing
Digital Signature Schemes: General Framework and Fail-Stop Signatures
Digital Signature Schemes: General Framework and Fail-Stop Signatures
New Constructions of Fail-Stop Signatures and Lower Bounds (Extended Abstract)
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
RSA-Based Fail-Stop Signature Schemes
ICPP '99 Proceedings of the 1999 International Workshops on Parallel Processing
Collision-free accumulators and fail-stop signature schemes without trees
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Collision free hash functions and public key signature schemes
EUROCRYPT'87 Proceedings of the 6th annual international conference on Theory and application of cryptographic techniques
How to Construct Fail-Stop Confirmer Signature Schemes
ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
Linear Authentication Codes: Bounds and Constructions
INDOCRYPT '01 Proceedings of the Second International Conference on Cryptology in India: Progress in Cryptology
Hi-index | 0.00 |
Security of ordinary digital signature schemes relies on a computational assumption. Fail-stop signature (FSS) schemes provide security for a signer against a forger with unlimited computational power by enabling the signer to provide a proof of forgery, if it occurs. Signing long messages using FSS requires a hash function with provable security which results in a slow signature generation process. In this paper, we propose a new construction for FSS schemes based on linear authentication codes which does not require a hash function and results in a much faster signing process at the cost of slower verification process, and longer secret key and signature. An important advantage of the scheme is that proof of forgery is the same as a traditional FSS and does not rely on the properties of the hash functions.