Abstract
We investigate the problem of signing short messages using a scheme that minimizes the total length of the original message and the appended signature. This line of research was motivated by several postal services interested by stamping machines capable of producing digital signatures. Although several message recovery schemes exist, their security is questionable. This paper proposes variants of DSA and ECDSA allowing partial recovery: the signature is appended to a truncated message and the discarded bytes are recovered by the verification algorithm. Still, the signature authenticates the whole message. Our scheme has some form of provable security, based on the random oracle model. Using further optimizations we can lower the scheme’s overhead to 26 bytes for a 2-80 security level, compared to forty bytes for DSA or ECDSA and 128 bytes 1024-bit RSA.
Cite
CITATION STYLE
Naccachc, D., & Stern, J. (2001). Signing on a postcard. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1962, pp. 121–135). Springer Verlag. https://doi.org/10.1007/3-540-45472-1_9
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
