Abstract
The Full Domain Hash (FDH) scheme is a RSA-based signature scheme in which the message is hashed onto the full domain of the RSA function. The FDH scheme is provably secure in the random oracle model, assuming that inverting RSA is hard. In this paper we exhibit a slightly di.erent proof which provides a tighter security reduction. This in turn improves the e.ciency of the scheme since smaller RSA moduli can be used for the same level of security. The same method can be used to obtain a tighter security reduction for Rabin signature scheme, Paillier signature scheme, and the Gennaro-Halevi-Rabin signature scheme.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
M. Bellare and P. Rogaway, Random oracles are practical: a paradigm for designing efficient protocols. Proceedings of the First Annual Conference on Computer and Commmunications Security, ACM, 1993.
M. Bellare and P. Rogaway, The exact security of digital signatures-How to sign with RSA and Rabin. Proceedings of Eurocrypt’96, LNCS vol. 1070, Springer-Verlag, 1996, pp. 399–416.
W. Diffie and M. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, IT-22,6, pp. 644–654, 1976.
R. Gennaro, S. Halevi, T. Rabin, Secure hash-and-sign signatures without the random oracle, proceedings of Eurocrypt’99, LNCS vol. 1592, Springer-Verlag, 1999, pp. 123–139.
S. Goldwasser, S. Micali and R. Rivest, A digital signature scheme secure against adaptive chosen-message attacks, SIAM Journal of computing, 17(2):281–308, april 1988.
A. Lenstra and H. Lenstra (eds.), The development of the number field sieve, Lecture Notes in Mathematics, vol 1554, Springer-Verlag, 1993.
P. Paillier, Public-key cryptosystems based on composite degree residuosity classes. Proceedings of Eurocrypt’99, Lecture Notes in Computer Science vol. 1592, Springer-Verlag, 1999, pp. 223–238.
M.O. Rabin, Digitalized signatures and public-key functions as intractable as factorization, MIT/LCS/TR-212, MIT Laboratory for Computer Science, 1979.
R. Rivest, A. Shamir and L. Adleman, A method for obtaining digital signatures and public key cryptosystems, CACM 21, 1978.
RSA Laboratories, PKCS #1: RSA cryptography specifications, version 2.0, September 1998.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Coron, JS. (2000). On the Exact Security of Full Domain Hash. In: Bellare, M. (eds) Advances in Cryptology — CRYPTO 2000. CRYPTO 2000. Lecture Notes in Computer Science, vol 1880. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44598-6_14
Download citation
DOI: https://doi.org/10.1007/3-540-44598-6_14
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67907-3
Online ISBN: 978-3-540-44598-2
eBook Packages: Springer Book Archive