Tight Security for Signature Schemes Without Random Oracles

Sven Schäge
2013 Journal of Cryptology  
We present the first tight security proofs for two general classes of Strong RSA (SRSA) based signature schemes. Among the covered signature schemes are the signature schemes by Cramer-Shoup, Zhu, Fischlin, and the SRSA-based Camenisch-Lysyanskaya scheme with slightly modified parameter sizes. We also present two variants of our signature classes in bilinear groups that output very short signatures. Similarly to before, these variants have tight security proofs under the Strong Diffie-Hellman
more » ... DH) assumption. We so obtain very efficient SDH-based variants of the Cramer-Shoup, Fischlin, and Zhu signature scheme and the first tight security proof for the recent Camenisch-Lysyanskaya scheme that was proposed and proven secure under the SDH assumption. Central to our results is a new proof technique that allows the simulator to avoid guessing which of the attacker's signature queries will be reused in the forgery. In contrast to previous proofs, our security reduction does not lose a factor of q here, where q is the number of signature queries made by the adversary.
doi:10.1007/s00145-013-9173-6 fatcat:xvqby5svf5ashedbyuowdckcom