In this paper, we present a reduction from non-lossy/lossy identification scheme using rejection sampling to signature in the Random Oracle Model (ROM). The rejection sampling is used to ensure that the last step in the identification scheme does not leak information about the secret key of the scheme. This last step may fail, and to hide these failures to an adversary we use a Fiat-Shamir transform where we rerun the identification protocol until we get a valid output. We also apply our result for non-lossy identification scheme to the well-known BLISS signature [DDLL13] and compare with the original proof.
CITATION STYLE
Bert, P., & Roux-Langlois, A. (2018). From Identification Using Rejection Sampling to Signatures via the Fiat-Shamir Transform: Application to the BLISS Signature. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11049 LNCS, pp. 297–312). Springer Verlag. https://doi.org/10.1007/978-3-319-97916-8_19
Mendeley helps you to discover research relevant for your work.