Abstract
This paper describes a powerful attack on a verifiably committed signature scheme based on GPS and RSA proposed in Financial Cryptography 2001. Given any partial signature, the attacker can extract the corresponding full signature. The attack works provided the attacker previously obtained a full signature of a special form, which can be done simply by eavesdropping a very small number of full signatures. For example, with the originally recommended parameters choice, 66% of the signatures are of this form. As a consequence, two “fair” protocols using this primitive do not satisfy the fairness property. Of independent interest, our attack shows that special attention should be paid when building cryptographic protocols from GPS and RSA.
Chapter PDF
References
Asokan, N., Shoup, V., Waidner, M.: Optimistic Fair Exchange of Digital Signatures. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 591–606. Springer, Heidelberg (1998)
Asokan, N., Shoup, V., Waidner, M.: Optimistic Fair Exchange of Digital Signatures. IEEE Journal on Selected Areas in Communication 18(4), 593–610 (2000)
Ateniese, G.: Efficient Verifiable Encryption (and Fair Exchange) of Digital Signatures. In: Tsudik, G. (ed.) Sixth ACM Conference on Computer and Communication Security and Privacy, November 1999, pp. 138–146. ACM Press, New York (1999)
Bao, F., Deng, R., Mao, W.: Efficient and Practical Fair Exchange Protocols with Off-line TTP. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 77–85 (1998)
Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and Verifiably Encrypted Signatures from Bilinear Maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003)
Camenisch, J., Damgård, I.B.: Verifiable Encryption, Group Encryption, and their Application to Group Signatures and Signature Sharing Schemes. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 331–345. Springer, Heidelberg (2000)
Dodis, Y., Reyzin, L.: Breaking and Repairing Optimistic Fair Exchange from PODC 2003. In: Yung, M. (ed.) ACM Workshop on Digital Rights Management, DRM (2003), available at http://eprint.iacr.org/2003/146/
Fiat, A., Shamir, A.: How to prove yourself: practical solutions of identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)
Girault, M.: Self-certified public keys. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 490–497. Springer, Heidelberg (1991)
Guillou, L., Quisquater, J.-J.: A ”Paradoxical” Identity-Based Signature Scheme Resulting from Zero-Knowledge Minimizing Both Transmission and Memory. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 216–231. Springer, Heidelberg (1990)
Markowitch, O., Kremer, S.: An Optimistic Non-Repudiation Protocol with Transparent Trusted Third Party. In: Davida, G.I., Frankel, Y. (eds.) ISC 2001. LNCS, vol. 2200, pp. 363–378. Springer, Heidelberg (2001)
Markowitch, O., Saeednia, S.: Optimistic Fair Exchange with Transparent Signature Recovery. In: Syverson, P.F. (ed.) FC 2001. LNCS, vol. 2339, pp. 339–350. Springer, Heidelberg (2002)
Park, J.M., Chong, E., Siegel, H., Ray, I.: Constructing Fair Exchange Protocols for E-Commerce via Distributed Computation of RSA Signatures. In: Proceedings of the 22th Annual ACM Symposium on Principles of Distributed Computing (PODC 2003), July 2003, pp. 172–181 (2003)
Poupard, G., Stern, J.: Security Analysis of a Practical on the fly Authentification and Signature Generation. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 422–436. Springer, Heidelberg (1998)
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. LCS TM82, MIT Laboratory for Computer Science, Cambridge, Massachusetts (1977)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cathalo, J., Libert, B., Quisquater, JJ. (2004). Cryptanalysis of a Verifiably Committed Signature Scheme Based on GPS and RSA. In: Zhang, K., Zheng, Y. (eds) Information Security. ISC 2004. Lecture Notes in Computer Science, vol 3225. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30144-8_5
Download citation
DOI: https://doi.org/10.1007/978-3-540-30144-8_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23208-7
Online ISBN: 978-3-540-30144-8
eBook Packages: Springer Book Archive