Abstract
A common practice for signing with RSA is to first apply a hash function or a redundancy function to the message, add some padding and exponentiate the resulting padded message using the decryption exponent. This is the basis of several existing standards.
In this paper we show how to build a secure padding scheme for signing arbitrarily long messages with a secure padding scheme for fixed-size messages. This focuses more sharply the question of finding a secure encoding for RSA signatures, by showing that the difficulty is not in handling messages of arbitrary length, but rather in finding a secure redundancy function for short messages, which remains an open problem.
Chapter PDF
Similar content being viewed by others
References
M. Bellare and P. Rogaway, Random oracles are practical: a paradigm for designing efficient protocols, proceedings of the First Annual Conference on Computer and Commmunications Security, ACM, 1993.
M. Bellare and P. Rogaway, The exact security of digital signatures-How to sign with RSA and Rabin, proceedings of Eurocrypt’96, LNCS vol. 1070, Springer-Verlag, 1996, pp. 399–416.
R. Canetti, O. Goldreich and S. Halevi, The Random Oracle Methodology,Re visited, STOC’ 98, ACM, 1998.
W. Diffe and M. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, IT-22, 6, pp. 644–654, 1976.
S. Goldwasser, S. Micali and R. Rivest, A digital signature scheme secure against adaptive chosen-message attacks, SIAM Journal of computing, 17(2):281–308, april 1988.
J.F. Misarsky, How (not) to design signature schemes, proceedings of PKC’98, Lecture Notes in Computer Science vol. 1431, Springer Verlag, 1998.
R. Rivest, A. Shamir and L. Adleman, A method for obtaining digital signatures and public key cryptosystems, CACM 21, 1978.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Coron, JS., Koeune, F., Naccache, D. (2000). From Fixed-Length to Arbitrary-Length RSA Padding Schemes. In: Okamoto, T. (eds) Advances in Cryptology — ASIACRYPT 2000. ASIACRYPT 2000. Lecture Notes in Computer Science, vol 1976. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44448-3_8
Download citation
DOI: https://doi.org/10.1007/3-540-44448-3_8
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41404-9
Online ISBN: 978-3-540-44448-0
eBook Packages: Springer Book Archive