Fail-Stop Signature for Long Messages

Authors:
Reihaneh Safavi-Naini;Willy Susilo;Huaxiong Wang
Affiliations:
-;-;-
Venue:
INDOCRYPT '00 Proceedings of the First International Conference on Progress in Cryptology
Year:
2000

Citing 9
Cited 2

Authentication theory/coding theory

Proceedings of CRYPTO 84 on Advances in cryptology
The dining cryptographers in the disco: unconditional sender and recipient untraceability with computationally secure serviceability

EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Authentication codes for nontrusting parties obtained from rank metric codes

Designs, Codes and Cryptography
Fail-Stop Signatures

SIAM Journal on Computing
Digital Signature Schemes: General Framework and Fail-Stop Signatures

Digital Signature Schemes: General Framework and Fail-Stop Signatures
New Constructions of Fail-Stop Signatures and Lower Bounds (Extended Abstract)

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
RSA-Based Fail-Stop Signature Schemes

ICPP '99 Proceedings of the 1999 International Workshops on Parallel Processing
Collision-free accumulators and fail-stop signature schemes without trees

EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Collision free hash functions and public key signature schemes

EUROCRYPT'87 Proceedings of the 6th annual international conference on Theory and application of cryptographic techniques

How to Construct Fail-Stop Confirmer Signature Schemes

ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
Linear Authentication Codes: Bounds and Constructions

INDOCRYPT '01 Proceedings of the Second International Conference on Cryptology in India: Progress in Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security of ordinary digital signature schemes relies on a computational assumption. Fail-stop signature (FSS) schemes provide security for a signer against a forger with unlimited computational power by enabling the signer to provide a proof of forgery, if it occurs. Signing long messages using FSS requires a hash function with provable security which results in a slow signature generation process. In this paper, we propose a new construction for FSS schemes based on linear authentication codes which does not require a hash function and results in a much faster signing process at the cost of slower verification process, and longer secret key and signature. An important advantage of the scheme is that proof of forgery is the same as a traditional FSS and does not rely on the properties of the hash functions.