Conference ProceedingsOPEN ACCESS

Secure hash-and-sign signatures without the random oracle

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (1999) 1592 123-139
DOI: 10.1007/3-540-48910-X_9
269Citations
Citations of this article
121Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We present a new signature scheme which is existentially unforgeable under chosen message attacks, assuming some variant of the RSA conjecture. This scheme is not based on “signature trees", and instead it uses the so called “hash-and-sign" paradigm. It is unique in that the assumptions made on the cryptographic hash function in use are well defined and reasonable (although non-standard). In particular, we do not model this function as a random oracle. We construct our proof of security in steps. First we describe and prove a construction which operates in the random oracle model. Then we show that the random oracle in this construction can be replaced by a hash function which satisfies some strong (but well defined!) compu- tational assumptions. Finally, we demonstrate that these assumptions are reasonable, by proving that a function satisfying them exists under standard intractability assumptions.

Author supplied keywords

Cite

CITATION STYLE

APA

Gennaro, R., Halevi, S., & Rabin, T. (1999). Secure hash-and-sign signatures without the random oracle. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1592, pp. 123–139). Springer Verlag. https://doi.org/10.1007/3-540-48910-X_9

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free