Attacking and Repairing Batch Verification Schemes

Authors:
Colin Boyd;Chris Pavlovski
Affiliations:
-;-
Venue:
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Year:
2000

Citing 13
Cited 15

Batch exponentiation: a fast DLP-based signature generation strategy

CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Handbook of Applied Cryptography

Handbook of Applied Cryptography
Improved Digital Signature Suitable for Batch Verification

IEEE Transactions on Computers
Detachable Electronic Coins

ICICS '99 Proceedings of the Second International Conference on Information and Communication Security
Untraceable Electronic Cash

CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Batch RSA

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
RSA-Based Undeniable Signatures

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
How to Prove That a Committed Number Is Prime

ASIACRYPT '99 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
On the Design of RSA with Short Secret Exponent

ASIACRYPT '99 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
A Key Recovery Attack on Discrete Log-based Schemes Using a Prime Order Subgroupp

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Batch Diffie-Hellmam key agreement systems and their application to portable communications

EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
Proving in zero-knowledge that a number is the product of two safe primes

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques

Spending Offline Divisible Coins with Combining Capability

INDOCRYPT '02 Proceedings of the Third International Conference on Cryptology: Progress in Cryptology
Lenient/Strict Batch Verification in Several Groups

ISC '01 Proceedings of the 4th International Conference on Information Security
Use of Sparse and/or Complex Exponents in Batch Verification of Exponentiations

IEEE Transactions on Computers
Batch Verification of Short Signatures

EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Identification of Multiple Invalid Signatures in Pairing-Based Batched Signatures

Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Efficient Vote Validity Check in Homomorphic Electronic Voting

Information Security and Cryptology --- ICISC 2008
Batch ZK Proof and Verification of OR Logic

Information Security and Cryptology
A DAA scheme using batch proof and verification

TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Group testing and batch verification

ICITS'09 Proceedings of the 4th international conference on Information theoretic security
A DAA scheme requiring less TPM resources

Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Batch verifications with ID-Based signatures

ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
A (corrected) DAA scheme using batch proof and verification

INTRUST'11 Proceedings of the Third international conference on Trusted Systems
Machine-generated algorithms, proofs and software for the batch verification of digital signature schemes

Proceedings of the 2012 ACM conference on Computer and communications security
Verifiable data streaming

Proceedings of the 2012 ACM conference on Computer and communications security
Batch verification suitable for efficiently verifying a limited number of signatures

ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Batch verification can provide large computational savings when several signatures, or other constructs, are verified together. Several batch verification algorithms have been published in recent years, in particular for both DSA-type and RSA signatures. We describe new attacks on several of these published schemes. A general weakness is explained which applies to almost all known batch verifiers for discrete logarithm based signature schemes. It is shown how this weakness can be eliminated given extra properties about the underlying group structure. A new general batch verifier for exponentiation in any cyclic group is also described as well as a batch verifier for modified RSA signatures.