Proving Tight Security for Rabin-Williams Signatures [chapter]

Daniel J. Bernstein
Advances in Cryptology – EUROCRYPT 2008  
This paper proves "tight security in the random-oracle model relative to factorization" for the lowest-cost signature systems available today: every hash-generic signature-forging attack can be converted  ...  The most surprising system is the "fixed unstructured B = 0 Rabin/Williams" system, which has a tight security proof despite hashing unrandomized messages.  ...  This paper proves tight security for several state-of-the-art variants of the Rabin/Williams public-key signature system.  ... 
doi:10.1007/978-3-540-78967-3_5 dblp:conf/eurocrypt/Bernstein08 fatcat:uhxpjg44bzgq7lmt33fvx7va4e

How Risky Is the Random-Oracle Model? [chapter]

Gaëtan Leurent, Phong Q. Nguyen
2009 Lecture Notes in Computer Science  
for which Bernstein proved tight security at EUROCRYPT '08.  ...  Next, we study the security impact of hash function defects for ROM signatures.  ...  [9], and the secret key in the Rabin-Williams signature scheme for which Bernstein [6] recently proved tight security, which was not mentioned in either [9, 6].  ... 
doi:10.1007/978-3-642-03356-8_26 fatcat:vbjvlxawfzfztgra55nuebyw34

On the Lossiness of the Rabin Trapdoor Function [chapter]

Yannick Seurin
2014 Lecture Notes in Computer Science  
We then use this result to prove that deterministic variants of Rabin-Williams Full Domain Hash signatures have a tight reduction from the 2-Φ/4-Hiding assumption, therefore answering one of the main questions  ...  left open by Bernstein (EUROCRYPT 2008) in his work on Rabin-Williams signatures.  ...  Combined with Lemma 2, this yields tight security reductions for PRW and APRW (see Figure 1 for a clear picture). Remark 3.  ... 
doi:10.1007/978-3-642-54631-0_22 fatcat:xy3p6ofeorbldo6z2dlup42lgq

Another Look at Provable Security [chapter]

Alfred Menezes
2012 Lecture Notes in Computer Science  
We discuss the reasons why the search for mathematically convincing theoretical evidence to support the security of public-key systems has been an important theme of researchers.  ...  We give an informal analysis and critique of several typical "provable security" results.  ...  Acknowledgments We would like to thank Steven Galbraith, Shafi Goldwasser, Ann Hibner Koblitz, Kenny Paterson, Berkant Ustaoglu, and the two anonymous referees for their valuable comments on earlier drafts  ... 
doi:10.1007/978-3-642-29011-4_2 fatcat:2ellu74n55bxrbr3ka7fk2thre

Another Look at "Provable Security"

Neal Koblitz, Alfred J. Menezes
2005 Journal of Cryptology  
We discuss the reasons why the search for mathematically convincing theoretical evidence to support the security of public-key systems has been an important theme of researchers.  ...  We give an informal analysis and critique of several typical "provable security" results.  ...  Acknowledgments We would like to thank Steven Galbraith, Shafi Goldwasser, Ann Hibner Koblitz, Kenny Paterson, Berkant Ustaoglu, and the two anonymous referees for their valuable comments on earlier drafts  ... 
doi:10.1007/s00145-005-0432-z fatcat:7cnlak7isjhn7enzjqdpm7sdbi

Tight Proofs for Signature Schemes without Random Oracles [chapter]

Sven Schäge
2011 Lecture Notes in Computer Science  
We present the first tight security proofs for two general classes of Strong RSA based signature schemes.  ...  We so obtain very efficient SDH-based variants of the Cramer-Shoup, Fischlin, and Zhu signature scheme and the first tight security proof of the recent Camenisch-Lysyanskaya scheme that was proposed and  ...  I would like to thank Mathias Herrmann, Tibor Jager, Eike Kiltz, and Maike Ritzenhofen for useful comments on earlier drafts of this paper and the anonymous referees of EUROCRYPT'11 for helpful comments  ... 
doi:10.1007/978-3-642-20465-4_12 fatcat:myl6mi6s7jeuzdvik7j2bzql5e

Solving Hidden Number Problem with One Bit Oracle and Advice [chapter]

Adi Akavia
2009 Lecture Notes in Computer Science  
DeMarrais, A subexponential algorithm for discrete logarithms over all finite fields, Math.  ...  A subexponential algorithm for discrete logarithms over the rational subgroup of the Jacobians of large genus hyperelliptic curves over finite fields, ANTS I (L. M.  ...  [47] , Proving tight security for Rabin-Williams signatures, EUROCRYPT 2008 (N. P. Smart, ed.), LNCS, vol. 4965, Springer, 2008, pp. 70-87. [48] D. J. Bernstein, P. Birkner, M. Joye, T.  ... 
doi:10.1007/978-3-642-03356-8_20 fatcat:lst54auksbgvxaynf3gtsswva4

A Practical Public Key Cryptosystem from Paillier and Rabin Schemes [chapter]

David Galindo, Sebastià Martín, Paz Morillo, Jorge L. Villar
2002 Lecture Notes in Computer Science  
This modification is reminiscent of the ones applied by Rabin [22] and Williams [25] to the well-known RSA cryptosystem.  ...  We propose a practical scheme based on factoring and semantically secure (IND-CPA) in the standard model. The scheme is obtained from a modification of the so called RSA-Paillier [5] scheme.  ...  Acknowledgements We would like to thank Dario Catalano for sending us an early version of his paper [6] and the anonymous referees for their useful comments.  ... 
doi:10.1007/3-540-36288-6_21 fatcat:fqlpspal3zfidbdmxkubredkxy

Tight Security for Signature Schemes Without Random Oracles

Sven Schäge
2013 Journal of Cryptology  
We present the first tight security proofs for two general classes of Strong RSA (SRSA) based signature schemes.  ...  We so obtain very efficient SDH-based variants of the Cramer-Shoup, Fischlin, and Zhu signature scheme and the first tight security proof for the recent Camenisch-Lysyanskaya scheme that was proposed and  ...  In this paper, we therefore take the same approach as Bernstein at EUROCRYPT '08 who proved tight security for the original Rabin-Williams signature scheme in the random-oracle model [2].  ... 
doi:10.1007/s00145-013-9173-6 fatcat:xvqby5svf5ashedbyuowdckcom

A New Rabin-type Trapdoor Permutation Equivalent to Factoring

Katja Schmidt-Samoa
2006 Electronic Notes in Theoretical Computer Science  
Thus it provides some advantages for practical applications.  ...  To confirm this statement, we develop a simple hybrid encryption scheme based on our proposed trapdoor permutation that is CCA-secure in the random oracle model.  ...  Acknowledgement The author wishes to thank anonymous referees for useful comments.  ... 
doi:10.1016/j.entcs.2005.09.039 fatcat:42kkhjwa7zhpjbhjxexdfinsze

On Tight Security Proofs for Schnorr Signatures [chapter]

Nils Fleischhacker, Tibor Jager, Dominique Schröder
2014 Lecture Notes in Computer Science  
The Schnorr signature scheme is the most efficient signature scheme based on the discrete logarithm problem and a long line of research investigates the existence of a tight security reduction for this  ...  Almost all recent works present lower tightness bounds and most recently Seurin (Eurocrypt 2012) showed that under certain assumptions the non-tight security proof for Schnorr signatures in the random  ...  Nils Fleischhacker and Dominique Schröder were supported by the German Federal Ministry of Education and Research (BMBF) through funding for the Center for IT-Security, Privacy, and Accountability (CISPA  ... 
doi:10.1007/978-3-662-45611-8_27 fatcat:cquvpg3adrcexc4lspffscwtu4

Another Look at Tightness [chapter]

Sanjit Chatterjee, Alfred Menezes, Palash Sarkar
2012 Lecture Notes in Computer Science  
If security parameters for the MAC scheme are selected without accounting for the non-tightness in the reduction, then the MAC scheme is shown to provide a level of security that is less than desirable  ...  We examine a natural, but non-tight, reductionist security proof for deterministic message authentication code (MAC) schemes in the multi-user setting.  ...  We wish to thank Greg Zaverucha for bringing reference [44] to our attention.  ... 
doi:10.1007/978-3-642-28496-0_18 fatcat:ogadsyu7dva2dayftppy46dzca

Improving the exact security of digital signature schemes

Silvio Micali, Leonid Reyzin
2002 Journal of Cryptology  
their "tight-security" counterparts.)  ...  We put forward a new method of constructing Fiat-Shamir-like signature schemes that yields better "exact security" than the original Fiat-Shamir method.  ...  Acknowledgments We would like to thank Salil Vadhan for pointing out an error in an earlier version of this work and Mihir Bellare for suggesting using an idea from [BM99] to improve Corollary 1.  ... 
doi:10.1007/s00145-001-0005-8 fatcat:gvxrhnzkmnhd7mgrmfajz6bmc4

Tightly-Secure Signatures from Five-Move Identification Protocols [chapter]

Eike Kiltz, Julian Loss, Jiaxin Pan
2017 Lecture Notes in Computer Science  
Surprisingly, our CDH-based scheme turns out to be (a slight simplification of) the Chevallier-Mames signature scheme (CRYPTO 05), thereby providing a theoretical explanation of its tight security proof  ...  We carry out a concrete security analysis of signature schemes obtained from five-move identification protocols via the Fiat-Shamir transform.  ...  Subsequently, [3] proved a tight reduction for the GPS scheme to the decisional variant of the SEDL [36].  ... 
doi:10.1007/978-3-319-70700-6_3 fatcat:fl5p6y3banh6zbgchmjnxm7oxm

An integrated approach to cryptographic mitigation of denial-of-service attacks

Jothi Rangasamy, Douglas Stebila, Colin Boyd, Juan González Nieto
2011 Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security - ASIACCS '11  
Our experimental results show that, in the Secure Sockets Layer (SSL) protocol, fast verification digital signatures can provide a 7% increase in connections per second compared to RSA signatures, and  ...  These schemes can be up to 20 times faster for client authentication compared to RSA-based schemes.  ...  The authors are also grateful to Lakshmi Devi Kuppusamy for her valuable comments and helpful advice and Hua Liu for his assistance in experiment implementation.  ... 
doi:10.1145/1966913.1966929 dblp:conf/ccs/RangasamySBN11 fatcat:gjrjlscaencfpm3tmpzvqpv5fa
Showing results 1 — 15 out of 130 results