Skip to main content
Conference ProceedingsOPEN ACCESS

Security of 2t-root identification and signatures

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (1996) 1109 143-156
DOI: 10.1007/3-540-68697-5_12
15Citations
Citations of this article
40Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Ong-Schnorr identification and signatures are variants of the Fiat-Shamir scheme with short and fast communication and signatures. This scheme uses secret keys that are 2t-roots modulo N of the public keys, whereas Fiat-Shamir uses square roots modulo N. Security for particular cases has recently been proved by Micali [M94] and Shoup [Sh96]. We prove that identification and signatures are secure for arbitrary moduli N = pq unless N can easily be factored. The proven security of identification against active impersonation attacks depends on the maximal 2-power 2m that divides either p − 1 or q − 1. We show that signatures are secure against adaptive chosen-message attacks. This proves the security of a very efficient signature scheme.

Author supplied keywords

Cite

CITATION STYLE

APA

Schnorr, C. P. (1996). Security of 2t-root identification and signatures. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1109, pp. 143–156). Springer Verlag. https://doi.org/10.1007/3-540-68697-5_12

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free