Canetti and Rabin recently proposed a universally composable ideal functionality FSIG for digital signatures. We show that this functionality cannot be securely realized by any signature scheme, thereby disproving their result that any signature scheme that is existentially unforgeable under adaptive chosen-message attack is a secure realization. Next, an improved signature functionality is presented. We show that our improved functionality can be securely realized by precisely those signature schemes that are secure against existential forgery under adaptive chosen-message attacks. © Springer-Verlag 2004.
CITATION STYLE
Backes, M., & Hofheinz, D. (2004). How to break and repair a universally composable signature functionality. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3225, 61–72. https://doi.org/10.1007/978-3-540-30144-8_6
Mendeley helps you to discover research relevant for your work.