An efficient existentially unforgeable signature scheme and its applications

被引：33

作者：

Dwork, C

Naor, M

机构：

[1] IBM Corp, Almaden Res Ctr, Div Res, San Jose, CA 95120 USA

[2] Weizmann Inst Sci, Dept Appl Math & Comp Sci, Morris & Rose Goldman Career Dev Chair, IL-76100 Rehovot, Israel

来源：

JOURNAL OF CRYPTOLOGY | 1998年 / 11卷 / 03期

关键词：

cryptography; digital signatures; unforgeability; one-way hash functions; authentication;

D O I：

10.1007/s001459900043

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

A signature scheme is existentially unforgeable if, given any polynomial (in the security parameter) number of pairs (m(1), S(m(1))), (m(2), S(m(2))),..., (m(k), S(m(k))), where S(m) denotes the signature on the message m, it is computationally infeasible to generate a pair (m(k+1), S(m(k+1))) for any message m(k+1) is not an element of {m(1),..., m(k)}. We present an existentially unforgeable signature scheme that for a reasonable setting of parameters requires at most six times the amount of time needed to generate a signature using "plain" RSA (which is not existentially unforgeable). We point out applications where our scheme is desirable.

引用

页码：187 / 208

页数：22

共 32 条

[1]

Ajtai M., 1996, Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing, P99, DOI 10.1145/237814.237838

[2]

[Anonymous], 1995, 1801 FIPS NIST US DE

[3] HOW TO SIGN GIVEN ANY TRAPDOOR PERMUTATION [J].

BELLARE, M ;

MICALI, S .

JOURNAL OF THE ACM, 1992, 39 (01) :214-233

[4]

BELLARE M, 1996, LECT NOTES COMPUTER, V1070

[5]

BELLARE M, 1997, LECT NOTES COMPUTER

[6]

BLEICHENBACHER D, 1996, LECT NOTES COMPUTER, V1070

[7]

BOS JNE, 1993, LNCS, V740, P1, DOI DOI 10.1007/3-540-48071-4_1

[8]

Brands Stefan, 1993, CSR9323 CWI

[9]

CHAUM D, 1992, LECT NOTES COMPUT SC, V576, P470

[10]

CRAMER R, 1996, LECT NOTES COMPUTER, V1109, P173

← 1 2 3 4 →