Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CRYPTO
2009
Springer
2009
Springer
Short and Stateless Signatures from the RSA Assumption
We present the first signature scheme which is “short”, stateless and secure under the RSA assumption in the standard model. Prior short, standard model signatures in the RSA setting required either a strong complexity assumption such as Strong RSA or (recently) that the signer maintain state. A signature in our scheme is comprised of one element in Z∗ N and one integer. The public key is also short, requiring only the modulus N, one element of Z∗ N , one integer, one PRF seed and some short chameleon hash parameters. To design our signature, we employ the known generic construction of fully-secure signatures from weakly-secure signatures and a chameleon hash. We then introduce a new proof technique for reasoning about weakly-secure signatures. This technique enables the simulator to predict a prefix of the message on which the adversary will forge and to use knowledge of this prefix to embed the challenge. This technique has wider applications beyond RSA. We also use it to...
Real-time TrafficRelated Content
| Added | 26 May 2010 |
| Updated | 26 May 2010 |
| Type | Conference |
| Year | 2009 |
| Where | CRYPTO |
| Authors | Susan Hohenberger, Brent Waters |
Comments (0)
Researcher Info
|
