Security analysis of the Gennaro-Halevi-Rabin signature scheme


Abstract

We exhibit an attack against a signature scheme recently proposed by Gennaro, Halevi and Rabin [9]. The scheme’s security is based on two assumptions, namely the strong RSA assumption and the existence of a division-intractable hash-function. For the latter, the authors conjectured a security level exponential in the hash-function’s digest size, whereas our attack is sub-exponential with respect to the digest size. Moreover, since the new attack is optimal, the length of the hash function can now be rigorously fixed. In particular, to get a security level equivalent to 1024-bit RSA, one should use a digest size of approximately 1024 bits instead of the 512 bits suggested in [9].

Coron, J. S., & Naccache, D. (2000). Security analysis of the Gennaro-Halevi-Rabin signature scheme. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1807, pp. 91–101). Springer Verlag. https://doi.org/10.1007/3-540-45539-6_7
