How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Efficient zero-knowledged identification scheme for smart cards
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Zero-knowledge proofs of identity
Journal of Cryptology
An interactive identification scheme based on discrete logarithms and factoring (extended abstract)
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Fast signature generation with a Fiat Shamir—like scheme
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
An identity-based identification scheme based on discrete logarithms modulo a composite number
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A new identification scheme based on syndrome decoding
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
A Forward-Secure Digital Signature Scheme
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Forward-Secure Signatures with Optimal Signing and Verifying
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
An Improvement of the Fiat-Shamir Identification and Signature Scheme
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
A "Paradoxical" Indentity-Based Signature Scheme Resulting from Zero-Knowledge
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Escure Signature Schemes based on Interactive Protocols
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
On Concrete Security Treatment of Signatures Derived from Identification
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A New Forward-Secure Digital Signature Scheme
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On Defining Proofs of Knowledge
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Unbiased bits from sources of weak randomness and probabilistic communication complexity
SFCS '85 Proceedings of the 26th Annual Symposium on Foundations of Computer Science
On the security of a practical identification scheme
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Security proofs for signature schemes
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
A new identification scheme based on the perceptrons problem
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Magic Functions: In Memoriam: Bernard M. Dwork 1923--1998
Journal of the ACM (JACM)
Multi-signatures in the plain public-Key model and a general forking lemma
Proceedings of the 13th ACM conference on Computer and communications security
Secure scalable group signature with dynamic joins and separable authorities
International Journal of Security and Networks
A Further Improved Online/Offline Signature Scheme
Fundamenta Informaticae
On the Insecurity of the Fiat-Shamir Signatures with Iterative Hash Functions
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Two-tier signatures, strongly unforgeable signatures, and Fiat-Shamir without random oracles
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
WISA'06 Proceedings of the 7th international conference on Information security applications: PartI
PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Survey: leakage resilience and the bounded retrieval model
ICITS'09 Proceedings of the 4th international conference on Information theoretic security
A lattice-based threshold ring signature scheme
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
The Fiat-Shamir transform for group and ring signature schemes
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Public-key identification schemes based on multivariate quadratic polynomials
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Efficient secure group signatures with dynamic joins and keeping anonymity against group managers
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
The security of the FDH variant of chaum's undeniable signature scheme
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Short traceable signatures based on bilinear pairings
IWSEC'06 Proceedings of the 1st international conference on Security
Tightly-Secure signatures from lossy identification schemes
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Public-Key identification schemes based on multivariate cubic polynomials
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Extended security arguments for signature schemes
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
A Further Improved Online/Offline Signature Scheme
Fundamenta Informaticae
A (corrected) DAA scheme using batch proof and verification
INTRUST'11 Proceedings of the Third international conference on Trusted Systems
Why “fiat-shamir for proofs” lacks a proof
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
On the (in)security of fischlin’s paradigm
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Hi-index | 0.00 |
The Fiat-Shamir paradigm for transforming identification schemes into signature schemes has been popular since its introduction because it yields efficient signature schemes, and has been receiving renewed interest of late as the main tool in deriving forward-secure signature schemes. We find minimal (meaning necessary and sufficient) conditions on the identification scheme to ensure security of the signature scheme in the random oracle model, in both the usual and the forward-secure cases. Specifically we show that the signature scheme is secure (resp. forward-secure) against chosen-message attacks in the random oracle model if and only if the underlying identification scheme is secure (resp. forward-secure) against impersonation under passive (i.e.. eavesdropping only) attacks, and has its commitments drawn at random from a large space. An extension is proven incorporating a random seed into the Fiat-Shamir transform so that the commitment space assumption may be removed.