Lecture 15 - Digital Signatures
نویسنده
چکیده
Definition of digital signatures. Recall that we had the following picture: Private Key Public Key Secrecy Private Key Encryption Public key Encryption Integrity Message Authentication Codes (MAC) ?? Digital signatures complete this picture by giving a public key analog of message authentication codes. Digital signatures were suggested by Diffie and Hellman in their seminal paper, but unlike the case of public key encryption schemes (where they had a key exchange protocol that could be made into a probabilistic encryption scheme) they did not have a reasonable candidate for such signatures until the RSA system was invented a year later by Rivest, Shamir and Adelman. However, even the RSA system was quickly seen not to have sufficient security and only later Goldwasser, Micali and Rivest gave what is now considered to be the “right” definition for digital signatures, and also a factoring-based construction meeting this definition. This definition is called existential forgery under chosen-message attack but we’ll simply call it secure signature schemes.
منابع مشابه
Lecture 19 : Digital Signatures Instructor : Rafael Pass Scribe : Tom Roeder 1 Digital Signature Schemes
We begin by defining a digital signature scheme.
متن کاملLecture 12 - Digital Signatures
Definition of digital signatures. Recall that we had the following picture: Private Key Public Key Secrecy Private Key Encryption Public key Encryption Integrity Message Authentication Codes (MAC) ?? Digital signatures complete this picture by giving a public key analog of message authentication codes. Digital signatures were suggested by Diffie and Hellman in their seminal paper, but unlike th...
متن کاملLecture 13 - Digital Signatures
Definition of digital signatures. Recall that we had the following picture: Private Key Public Key Secrecy Private Key Encryption Public key Encryption Integrity Message Authentication Codes (MAC) ?? Digital signatures complete this picture by giving a public key analog of message authentication codes. Digital signatures were suggested by Diffie and Hellman in their seminal paper, but unlike th...
متن کاملIntroduction to Cryptography November 2 , 2006 Lecture 20 : Digital Signatures II
In the last lecture, we developed a digital signature scheme for message in {0, 1} n and proved it to be one-time secure. We also showed how to construct a family of Collision-Resistant Hash Functions (CRH) and claimed that they would be useful in constructing one-time secure digital signature schemes for messages in {0, 1} *. The following theorem makes this claim more formally. Theorem 1 If t...
متن کاملLecture 16 - Digital Signatures
Digital signatures complete this picture by giving a public key analog of message authentication codes. Digital signatures were suggested by Diffie and Hellman in their seminal paper, but unlike the case of public key encryption schemes (where they had a key exchange protocol that could be made into a probabilistic encryption scheme) they did not have a reasonable candidate for such signatures ...
متن کامل