Security Arguments for Digital Signatures and Blind Signatures |
| |
Authors: | David Pointcheval Jacques Stern |
| |
Affiliation: | (1) Laboratoire d'Informatique, école Normale Supérieure, 75230 Paris Cedex 05, France David.Pointcheval@ens.fr, Jacques.Stern@ens.fr, http://www.di.ens.fr/~pointche, http://www.di.ens.fr/~stern , FR |
| |
Abstract: | Since the appearance of public-key cryptography in the seminal Diffie—Hellman paper, many new schemes have been proposed
and many have been broken. Thus, the simple fact that a cryptographic algorithm withstands cryptanalytic attacks for several
years is often considered as a kind of validation procedure. A much more convincing line of research has tried to provide
``provable' security for cryptographic protocols. Unfortunately, in many cases, provable security is at the cost of a considerable
loss in terms of efficiency. Another way to achieve some kind of provable security is to identify concrete cryptographic objects,
such as hash functions, with ideal random objects and to use arguments from relativized complexity theory. The model underlying
this approach is often called the ``random oracle model.' We use the word ``arguments' for security results proved in this
model. As usual, these arguments are relative to well-established hard algorithmic problems such as factorization or the discrete
logarithm.
In this paper we offer security arguments for a large class of known signature schemes. Moreover, we give for the first time
an argument for a very slight variation of the well-known El Gamal signature scheme. In spite of the existential forgery of
the original scheme, we prove that our variant resists existential forgeries even against an adaptively chosen-message attack.
This is provided that the discrete logarithm problem is hard to solve.
Next, we study the security of blind signatures which are the most important ingredient for anonymity in off-line electronic
cash systems. We first define an appropriate notion of security related to the setting of electronic cash. We then propose
new schemes for which one can provide security arguments.
Received 24 October 1997 and revised 22 May 1998 |
| |
Keywords: | , Cryptography, Digital signatures, Blind signatures, Security arguments, Existential forgery, One-more forgery,,,,,,Forking lemma, |
本文献已被 SpringerLink 等数据库收录! |
|