Abstract
Very strong definitions of security for signature schemes have been proposed in the literature. Constructions for such schemes have been proposed, but so far they have only been of theoretical interest and have been considered far too inefficient for practical use.
Here we present a new scheme that satisfies these strongest definitions and uses essentially the same amount of computation and memory as the widely applied RSA scheme. The scheme is based on the well known RSA assumption.
Our signatures can be thought of as products resulting from a two-dimensional Lamport scheme, where one dimension consists of a list of public constants, and the other is the sequence of odd primes.
This article is adapted from the dissertation “Practical Privacy” of Jurjen N.E. Bos, written while he was at CWI (the Dutch nationally funded centre for Mathematics and Computer Science).
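As an added illustration (not the paper's own code, parameters or exact construction), the following toy Python model shows the product-of-roots structure the abstract describes: one dimension is a list of public constants, the other the sequence of odd primes, and a signature is a product of RSA roots. It assumes a tiny constructed RSA modulus and constructed constants, and shows why a product of roots with different prime exponents can still be checked with a single exponentiation.

```python
# Toy model of the "two-dimensional Lamport" structure from the abstract:
# one dimension is a list of public constants y_1..y_k, the other the
# sequence of odd primes e_1..e_t.  A signature on message digits
# (m_1..m_k) is the product of the RSA roots y_j^(1/e_{m_j}) mod n.
# All values below are constructed for illustration; this is NOT the
# paper's exact scheme and the parameters are far too small to be secure.
from math import gcd, prod

P, Q = 167, 179                          # toy RSA primes (constructed); phi = 4*83*89
N = P * Q
PHI = (P - 1) * (Q - 1)
PRIMES = [3, 5, 7, 11, 13, 17, 19, 23]   # the "odd prime" dimension, e_1..e_t
K = 4                                    # number of public constants / message digits
CONSTANTS = [1234, 5679, 9012, 3457]     # the "public constant" dimension (constructed)

# Every prime must be invertible mod phi, and every constant a unit mod N.
assert all(gcd(e, PHI) == 1 for e in PRIMES)
assert all(gcd(y, N) == 1 for y in CONSTANTS)

def digits(msg: int) -> list[int]:
    """Encode msg as K base-t digits; digit j selects the prime for constant j."""
    t = len(PRIMES)
    assert 0 <= msg < t ** K
    return [(msg // t ** j) % t for j in range(K)]

def sign(msg: int) -> int:
    """Signer (knows PHI): product over j of the e_{m_j}-th root of y_j mod N."""
    sig = 1
    for y, v in zip(CONSTANTS, digits(msg)):
        d = pow(PRIMES[v], -1, PHI)      # d = e^-1 mod phi, so (y^d)^e == y mod N
        sig = sig * pow(y, d, N) % N
    return sig

def verify(msg: int, sig: int) -> bool:
    """Verifier (public data only): raising sig to E = prod of the chosen primes
    clears every root, so sig^E must equal prod_j y_j^(E / e_{m_j}) mod N."""
    chosen = [PRIMES[v] for v in digits(msg)]
    E = prod(chosen)
    expected = 1
    for y, e in zip(CONSTANTS, chosen):
        expected = expected * pow(y, E // e, N) % N
    return pow(sig, E, N) == expected
```

Changing even one message digit asks the verifier for a root the signer never released, which is why the check fails on any other message.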
© 1993 Springer-Verlag Berlin Heidelberg
Bos, J.N.E., Chaum, D. (1993). Provably Unforgeable Signatures. In: Brickell, E.F. (eds) Advances in Cryptology — CRYPTO’ 92. CRYPTO 1992. Lecture Notes in Computer Science, vol 740. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48071-4_1
DOI: https://doi.org/10.1007/3-540-48071-4_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-57340-1
Online ISBN: 978-3-540-48071-6