Abstract
For most digital signature schemes used in practice, such as ISO9796/RSA or DSA, it has only been shown that certain plausible cryptographic assumptions, such as the difficulty of factoring integers, computing discrete logarithms, or the collision-intractability of certain hash functions, are necessary for the security of the scheme, while their sufficiency is, strictly speaking, an open question.
A clear advantage of such schemes over many signature schemes whose security is proven relative to such common cryptographic assumptions is their efficiency: as a result of their relatively weak requirements regarding computation, bandwidth and storage, these schemes have so far beaten provably secure schemes in practice.
Our aim is to contribute to the bridging of the gap that seems to exist between the theory and practice of digital signature schemes. We present a digital signature that offers both proven security and practical value. More precisely, under an appropriate assumption about RSA, the scheme is proven to be not existentially forgeable under adaptively chosen message attacks. We also identify some applications where our scheme can be conveniently implemented using dedicated smartcards that are available today.
© 1996 Springer-Verlag Berlin Heidelberg
Cite this paper
Cramer, R., Damgård, I. (1996). New Generation of Secure and Practical RSA-Based Signatures. In: Koblitz, N. (eds) Advances in Cryptology — CRYPTO ’96. CRYPTO 1996. Lecture Notes in Computer Science, vol 1109. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-68697-5_14
DOI: https://doi.org/10.1007/3-540-68697-5_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-61512-5
Online ISBN: 978-3-540-68697-2