Tight Proofs for Signature Schemes without Random Oracles [chapter]

Sven Schäge
2011 Lecture Notes in Computer Science  
We present the first tight security proofs for two general classes of Strong RSA based signature schemes. Among the affected signature schemes are the Cramer-Shoup, Camenisch-Lysyanskaya, Zhu, and Fischlin signature scheme. We also present two bilinear variants of our signature classes that produce short signatures. Similar to before, we show that these variants have tight security proofs under the the Strong Diffie-Hellman (SDH) assumption. We so obtain very efficient SDH-based variants of the
more » ... Cramer-Shoup, Fischlin, and Zhu signature scheme and the first tight security proof of the recent Camenisch-Lysyanskaya scheme that was proposed and proven secure under the SDH assumption. Central to our results is a new proof technique that allows the simulator to avoid guessing which of the attacker's signature queries are re-used in the forgery. In contrast to previous proofs, our security reduction does not lose a factor of q here.
doi:10.1007/978-3-642-20465-4_12 fatcat:myl6mi6s7jeuzdvik7j2bzql5e