Protocols for problems like Byzantine agreement, clock synchronization or contract signing often use digital signatures as the only cryptographic operation. Proofs of such protocols are frequently based on an idealizing "black-box" model of signatures. We show that the standard cryptographic security definition for digital signatures is not sufficient to ensure that such proofs are still valid if the idealized signatures are implemented with real, provably secure signatures. We propose a definition of signature security in general reactive, asynchronous environments and prove that for signature schemes where signing just depends on a counter as state the standard security definition implies our definition. © Springer-Verlag Berlin Heidelberg 2003.
CITATION STYLE
Backes, M., Pfitzmann, B., & Waidner, M. (2003). Reactively secure signature schemes. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2851, 84–95. https://doi.org/10.1007/10958513_7
Mendeley helps you to discover research relevant for your work.