Forward-Secure Blind Signature Scheme Based on the Strong RSA Assumption
نویسندگان
چکیده
Key exposure problem turns out to be very serious in security services. For example, in electronic cash, the problem is very severe since money is directly involved. In other applications of cryptography, it is also a devastating attack. Forward security is the first security notion addressing the this issue. Roughly speaking, forward secrecy is aimed to protect validity of the all usage before key exposure. In this paper, we investigate the key exposure problem in blind signature (with application to electronic cash in mind). We then propose a blind signature scheme which guarantees forward security. Our scheme is constructed from the provably secure Okamoto-Guillou-Quisquater (OGQ for short) blind signature scheme. Using forking lemma proposed by Pointcheval and Stern [4], we can show the equivalence between existence of a forger with feasibility of solving the strong RSA problem. In addition, our scheme introduces no significant communication overhead comparing with OGQ
منابع مشابه
A Forward-Secure Blind Signature Scheme Based on the Strong RSA Assumption
Key exposures bring out very serious problems in security services. Especially, it is more severe in the applications such as electronic cash or electronic payment where money is directly involved. Forward secrecy is one of the security notions addressing the key exposure issues. Roughly speaking, forward secrecy is aimed to protect the validity of all actions using the secret key before the ke...
متن کاملEfficient Blind Signatures Without Random Oracles
The only known blind signature scheme that is secure in the standard model [20] is based on general results about multi-party computation, and thus it is extremely inefficient. The main result of this paper is the first provably secure blind signature scheme which is also efficient. We develop our construction as follows. In the first step, which is a significant result on its own, we devise an...
متن کاملSignature Schemes Based on the Strong RSAAssumptionRonald
We describe and analyze a new digital signature scheme. The new scheme is quite eecient, does not require the the signer to maintain any state, and can be proven secure against adaptive chosen message attack under a reasonable intractability assumption, the so-called Strong RSA Assumption. Moreover, a hash function can be incorporated into the scheme in such a way that it is also secure in the ...
متن کاملSignature Scheme in Multi-User Setting
Recently, Boneh and Boyen proposed a new provably secure short signature scheme under the q-strong Diffie-Hellman assumption without random oracles. This scheme is based on bilinear map which is different from Cramer-Shoup signature scheme (which is based on the strong RSA assumption). However, Tan [17] showed that BonehBoyen scheme is subjected to key substitution attacks in the multi-user set...
متن کاملVerifiable Signature Sharing Scheme Based on Strong RSA Assumption
In 2000, Cramer and Shoup presented a signature scheme which is secure against adaptive chosen-message attacks under the strong RSA assumption in the standard model. Then, in 2003, under the strong RSA assumption only, Fischlin produced a signature of roughly half the length. A verifiable signature sharing scheme (VΣS) introduced by Franklin and Reiter in 1995 enables the recipient of a signatu...
متن کامل