Short Signatures from Diffie-Hellman, Revisited: Sublinear Public Key, CMA Security, and Tighter Reduction

نویسنده

  • Jae Hong Seo
چکیده

Designing efficient signature scheme based on the standard assumption such as the Computational Diffie-Hellman (CDH) assumption is important both from a practical and a theoretical point of view. Currently, there are only three standard model CDH-based signature schemes with short signatures due to Waters (EUROCRYPT 2005), and Seo and Böhl et al. (the merged paper in EUROCRYPT 2013). The Waters signature scheme achieves the Existentail UnForgeability against Chosen Message Attack (EUF-CMA) with nearly optimal reduction. However, this scheme suffers from large public keys. To shorten public key size, Seo and Böhl et al. proposed new approaches, respectively, but each approach has a weak point rather than the Waters signature scheme; Seo’s approach could prove only a rather weak security, called the bounded CMA security, and Böhl et al.’s approach inherently accompanies a loose reduction. In this paper, we aim at stepping towards efficient CDH-based EUF-CMA secure signature scheme with tighter reduction. To this end, we revisit the Seo signature scheme and devise an alternative security proof. The resulting security proof leads 1. asymptotically (almost) compact parameters; short signatures (two group elements and one exponent) and ω(1) public keys (e.g., log log λ), where λ is the security parameter, and 2. the standard EUF-CMA security with tighter reduction; O(λq) reduction loss, when ignoring negligible factors, which is less than O( √ λ log λq) of the original security proof and almost the same as that of the Water signature scheme.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Constant-Size Signature Scheme with a Tighter Reduction from the CDH Assumption

We present a signature scheme with the tightest securityreduction among known constant-size signature schemes secure under the computational Diffie-Hellman (CDH) assumption. It is important to reduce the security-reduction loss of a cryptosystem, which enables choosing of a smaller security parameter without compromising security; hence, enabling constant-size signatures for cryptosystems and f...

متن کامل

Short Signatures From Diffie-Hellman: Realizing Short Public Key

In EUROCRYPT 2005, Waters [42] proposed a signature scheme based on the computational Diffie-Hellman (DH) assumption without random oracles. His scheme is the first and sole signature scheme in the category of (hash-and-sign) signature schemes secure under the DH assumption in the standard model and has also been applied to the design of numerous protocols in the various cryptographic areas. Ho...

متن کامل

Towards computationally sound symbolic analysis of key exchange protocols ( extended abstract )

We present a cryptographically sound formal method for proving correctness of key exchange protocols. Our main tool is a fragment of a symbolic protocol logic. We demonstrate that proofs of key agreement and key secrecy in this logic imply simulatability in Shoup’s secure multi-party framework for key exchange. As part of the logic, we present cryptographically sound abstractions of CMA-secure ...

متن کامل

Diffie-Hellman type key exchange protocols based on isogenies

‎In this paper‎, ‎we propose some Diffie-Hellman type key exchange protocols using isogenies of elliptic curves‎. ‎The first method which uses the endomorphism ring of an ordinary elliptic curve $ E $‎, ‎is a straightforward generalization of elliptic curve Diffie-Hellman key exchange‎. ‎The method uses commutativity of the endomorphism ring $ End(E) $‎. ‎Then using dual isogenies‎, ‎we propose...

متن کامل

A NEW PROTOCOL MODEL FOR VERIFICATION OF PAYMENT ORDER INFORMATION INTEGRITY IN ONLINE E-PAYMENT SYSTEM USING ELLIPTIC CURVE DIFFIE-HELLMAN KEY AGREEMENT PROTOCOL

Two parties that conduct a business transaction through the internet do not see each other personally nor do they exchange any document neither any money hand-to-hand currency. Electronic payment is a way by which the two parties transfer the money through the internet. Therefore integrity of payment and order information of online purchase is an important concern. With online purchase the cust...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • IACR Cryptology ePrint Archive

دوره 2014  شماره 

صفحات  -

تاریخ انتشار 2014