Security Analysis of Some Batch Verifying Signatures from Pairings
نویسندگان
چکیده
Batch verification can provide large computational savings when multiple signatures are verified together. Recently, some batch verifying signature schemes have been proposed from bilinear pairings. In this paper, we show that an attacker can cheat a verifier to accept invalid signatures in these batch verifying schemes. We also show that randomized batch verification technique can be used to avoid these attacks.
منابع مشابه
Practical Short Signature Batch Verification
In many applications, it is desirable to work with signatures that are short, and yet wheremanymessages from different signers be verified very quickly. RSA signatures satisfy the latter condition, but are generally thousands of bits in length. Recent developments in pairing-based cryptography produced a number of “short” signatures which provide equivalent security in a fraction of the space. ...
متن کاملHow to Cheat Verifiers in Shao’s Batch Verifying Multiple DSA-type Digital Signatures
Batch verification can reduce large computational cost when multiple signatures are verified together. In 2001, Shao proposed an efficient algorithm for batch verifying DSA-type multiple signatures. He also provided mathematic proof to show that his scheme has the same security as the underlying DSA-type signature. In this paper, we first point out that Shao’s algorithm is insecure, and further...
متن کاملAn Efficient Batch Verifying Scheme for Detecting Illegal Signatures
In a batch verifying scheme, multiple RSA digital signatures can be verified simultaneously in just one exponential operation time. Currently, the verifier could not easily detect where the signature-verification fault was located in most schemes, if the batch verification fails. In this article, we proposed a new batch verifying multiple RSA digital signatures scheme based on a cube. The schem...
متن کاملA Non-delegatable Identity-based Designated Verifier Signature Scheme without Bilinear Pairings
Up to now, several non-delegatable identity-based (strong) designated verifier signature schemes using bilinear pairings are proposed. In these identity-based (strong) designated verifier signature schemes, bilinear pairings are employed either in signing and verifying steps or only in the verifying step. However, the computation cost of pairings at a security level equivalent to a 128-bit symm...
متن کاملShort Structure-Preserving Signatures
We construct a new structure-preserving signature scheme in the efficient Type-III asymmetric bilinear group setting with signatures shorter than all existing schemes. Our signatures consist of 3 group elements from the first source group and therefore have shorter size than all existing schemes as existing ones have at least one component of the signature in the second source group whose eleme...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- I. J. Network Security
دوره 3 شماره
صفحات -
تاریخ انتشار 2006