Magic Functions: In Memoriam: Bernard M. Dwork 1923--1998
Journal of the ACM (JACM)
Provable Cryptographic Security and its Applications to Mobile Wireless Computing
Wireless Personal Communications: An International Journal
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Lower bounds for non-black-box zero knowledge
Journal of Computer and System Sciences - Special issue on FOCS 2003
Proceedings of the 2007 ACM workshop on Digital identity management
ACM SIGACT News
International Journal of Applied Cryptography
Delegating computation: interactive proofs for muggles
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
A synthetic indifferentiability analysis of some block-cipher-based hash functions
Designs, Codes and Cryptography
Extractable Perfectly One-Way Functions
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Adaptive One-Way Functions and Applications
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Classification of Hash Functions Suitable for Real-Life Systems
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
A Note on the Random Oracle Methodology
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Compact E-Cash and Simulatable VRFs Revisited
Pairing '09 Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography
On the Insecurity of the Fiat-Shamir Signatures with Iterative Hash Functions
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Group Signatures with Verifier-Local Revocation and Backward Unlinkability in the Standard Model
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Group Encryption: Non-interactive Realization in the Standard Model
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Zero Knowledge in the Random Oracle Model, Revisited
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Two-tier signatures, strongly unforgeable signatures, and Fiat-Shamir without random oracles
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
TCC'07 Proceedings of the 4th conference on Theory of cryptography
An improved semantically-secure identity-based signcryption scheme in the standard model
Computers and Electrical Engineering
Simulatable VRFs with applications to multi-theorem NIZK
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
A non-interactive shuffle with pairing based verifiability
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Fully anonymous group signatures without random oracles
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Sub-linear zero-knowledge argument for correctness of a shuffle
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Online/offline signature schemes for devices with limited computing capabilities
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Completely non-malleable encryption revisited
PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
On seed-incompressible functions
TCC'08 Proceedings of the 5th conference on Theory of cryptography
P-signatures and noninteractive anonymous credentials
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Improved delegation of computation using fully homomorphic encryption
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
The Fiat-Shamir transform for group and ring signature schemes
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
On the use of financial data as a random beacon
EVT/WOTE'10 Proceedings of the 2010 international conference on Electronic voting technology/workshop on trustworthy elections
Some observations on indifferentiability
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
On the Compressibility of $\mathcal{NP}$ Instances and Cryptographic Applications
SIAM Journal on Computing
On the impossibility of instantiating PSS in the standard model
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Limits of provable security from standard assumptions
Proceedings of the forty-third annual ACM symposium on Theory of computing
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Simulation-sound NIZK proofs for a practical language and constant size group signatures
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
On everlasting security in the hybrid bounded storage model
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Discrete-Log-Based signatures may not be equivalent to discrete log
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
On round-efficient argument systems
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Efficient signcryption without random oracles
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Zero-knowledge proof of generalized compact knapsacks (or a novel identification/signature scheme)
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Efficient blind signatures without random oracles
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Foundations of group signatures: the case of dynamic groups
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Communication-efficient non-interactive proofs of knowledge with online extractors
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Analysis of random oracle instantiation scenarios for OAEP and other practical schemes
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Merkle-Damgård revisited: how to construct a hash function
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
On the generic insecurity of the full domain hash
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Security of encryption schemes in weakened random oracle models
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
A method for making password-based key exchange resilient to server compromise
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Provably-Secure two-round password-authenticated group key exchange in the standard model
IWSEC'06 Proceedings of the 1st international conference on Security
A diffie-hellman key exchange protocol without random oracles
CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Efficient CCA-Secure PKE from identity-based techniques
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Interactive zero-knowledge with restricted random oracles
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Non-interactive zero-knowledge from homomorphic encryption
TCC'06 Proceedings of the Third conference on Theory of Cryptography
On the relation between the ideal cipher and the random oracle models
TCC'06 Proceedings of the Third conference on Theory of Cryptography
New chosen ciphertext secure public key encryption in the standard model with public verifiability
ICIC'11 Proceedings of the 7th international conference on Advanced Intelligent Computing Theories and Applications: with aspects of artificial intelligence
Block-wise p-signatures and non-interactive anonymous credentials with efficient attributes
IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
On the instantiability of hash-and-sign RSA signatures
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Randomness condensers for efficiently samplable, seed-dependent sources
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
On the exact security of schnorr-type signatures in the random oracle model
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
New definitions and separations for circular security
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Certificateless public key encryption in the selective-ID security model
Pairing'07 Proceedings of the First international conference on Pairing-Based Cryptography
Publicly verifiable proofs of sequential work
Proceedings of the 4th conference on Innovations in Theoretical Computer Science
Why “fiat-shamir for proofs” lacks a proof
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
On the (in)security of fischlin’s paradigm
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Unprovable security of perfect NIZK and non-interactive non-malleable commitments
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Limits on the usefulness of random oracles
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Randomness-Dependent message security
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Efficient identity-based signcryption without random oracles
AISC '12 Proceedings of the Tenth Australasian Information Security Conference - Volume 125
Proxy-invisible CCA-secure type-based proxy re-encryption without random oracles
Theoretical Computer Science
A more efficient computationally sound non-interactive zero-knowledge shuffle argument
Journal of Computer Security - Advances in Security for Communication Networks
| Hi-index | 0.00 |
In 1986, Fiat and Shamir proposed a general method for transforming secure 3-round public-coin identification schemes into digital signature schemes. The idea of the transformation was to replace the random message of the veri.er in the identification scheme, with the value of some deterministic"hash" function evaluated on various quantities in the protocol and on the message to be signed.The Fiat-Shamir methodology for producing digital signature schemes quickly gained popularity as it yields efficient and easy to implement digital signature schemes. The most important question however remained open: are the digital signatures produced by the Fiat-Shamir methodology secure?In this paper, we answer this question negatively. We show that there exist secure 3-round public-coin identification schemes for which the Fiat-Shamir transformation yields insecure digital signature schemes for any "hash" function used by the transformation. This is in contrast to the work of Pointcheval and Stern which proved that the Fiat-Shamir methodology always produces digital signatures secure against chosen message attack in the "Random Oracle Model" 驴 when the hash function is modelled by a random oracle.Among other things, we make new usage of Barak's technique for taking advantage of non black-box access to a program, this time in the context of digital signatures.