More short signatures without random oracles

We construct three new signatures and prove their security without random oracles. They are motivated, respectively, by the signatures without random oracles of Boneh and Boyen [9], Zhang et al. [45], and Camenisch and Lysyanskaya [14]. The first two of our signatures are as short as the state-of-the-art short signatures of [9, 45], and are 17% shorter if the pairing in use admits a Verheul homomorphism or an algebraic tori attack. Our third signature is reducible to a modified LRSW Assumption [31] but without the LRSW Assumption’s hypothesized external signing oracle. New and interesting variants of the q-SDH Assumption, the q-SR (Square Root) Assumption are also presented. New and independently interesting proof techniques extending the two-mode technique of [9] are used, including a combined three-mode simulation and rewinding in the standard model.

[1]  Jan Camenisch,et al.  Signature Schemes and Anonymous Credentials from Bilinear Maps , 2004, CRYPTO.

[2]  Oded Goldreich.  Foundations of Cryptography: Index , 2001 .

[3]  Brent Waters,et al.  Compact Group Signatures Without Random Oracles , 2006, EUROCRYPT.

[4]  Tatsuaki Okamoto,et al.  Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes , 1992, CRYPTO.

[5]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1987, Journal of Cryptology.

[6]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[7]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[8]  Ronald Cramer,et al.  Signature schemes based on the strong RSA assumption , 2000, TSEC.

[9]  Dan Boneh,et al.  A Secure Signature Scheme from Bilinear Maps , 2003, CT-RSA.

[10]  Jan Camenisch,et al.  Practical Group Signatures without Random Oracles , 2005, IACR Cryptol. ePrint Arch..

[11]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[12]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[13]  Mihir Bellare,et al.  On Defining Proofs of Knowledge , 1992, CRYPTO.

[14]  Adi Shamir,et al.  Witness indistinguishable and witness hiding protocols , 1990, STOC '90.

[15]  Tsz Hon Yuen,et al.  Ring signatures without random oracles , 2006, ASIACCS '06.

[16]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[17]  Aggelos Kiayias,et al.  Two-round concurrent blind signatures without random oracles , 2005 .

[18]  Victor K.-W. Wei.  Tight Reductions among Strong Diffie-Hellman Assumptions , 2005, IACR Cryptol. ePrint Arch..

[19]  M. Kasahara,et al.  A New Traitor Tracing , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[20]  Amit Sahai,et al.  Pseudonym Systems , 1999, Selected Areas in Cryptography.

[21]  Moni Naor,et al.  An Efficient Existentially Unforgeable Signature Scheme and its Applications , 1994, CRYPTO.

[22]  Jacques Stern,et al.  Provably Secure Blind Signature Schemes , 1996, ASIACRYPT.

[23]  Ivan Damgård,et al.  Secure Signature Schemes Based on Interactive Protocols , 1995 .

[24]  Chanathip Namprempre,et al.  The One-More-RSA-Inversion Problems and the Security of Chaum's Blind Signature Scheme , 2003, Journal of Cryptology.

[25]  Ivan Damgård,et al.  New Generation of Secure and Practical RSA-Based Signatures , 1996, CRYPTO.

[26]  Jacques Stern,et al.  Security Proofs for Signature Schemes , 1996, EUROCRYPT.

[27]  David A. Wagner,et al.  A Generalized Birthday Problem , 2002, CRYPTO.

[28]  Hong Wang,et al.  Short Threshold Signature Schemes Without Random Oracles , 2005, INDOCRYPT.

[29]  Yi Mu,et al.  A New Short Signature Scheme Without Random Oracles from Bilinear Pairings , 2005, IACR Cryptol. ePrint Arch..

[30]  Reihaneh Safavi-Naini,et al.  An Efficient Signature Scheme from Bilinear Pairings and Its Applications , 2004, Public Key Cryptography.

[31]  Jonathan Katz,et al.  Ring Signatures: Stronger Definitions, and Constructions without Random Oracles , 2005, IACR Cryptol. ePrint Arch..

[32]  Anna Lysyanskaya,et al.  Unique Signatures and Verifiable Random Functions from the DH-DDH Separation , 2002, CRYPTO.

[33]  Yael Tauman Kalai,et al.  On the (In)security of the Fiat-Shamir paradigm , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[34]  Shai Halevi,et al.  Secure Hash-and-Sign Signatures Without the Random Oracle , 1999, EUROCRYPT.

[35]  Silvio Micali,et al.  A "Paradoxical" Solution to the Signature Problem (Extended Abstract) , 1984, FOCS.

[36]  Boaz Barak,et al.  How to go beyond the black-box simulation barrier , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[37]  Claus-Peter Schnorr,et al.  Security of Blind Discrete Log Signatures against Interactive Attacks , 2001, ICICS.

[38]  Amit Sahai,et al.  Honest-verifier statistical zero-knowledge equals general statistical zero-knowledge , 1998, STOC '98.

[39]  Yehuda Lindell,et al.  Lower bounds for non-black-box zero knowledge , 2006, J. Comput. Syst. Sci..

[40]  Wenbo Mao,et al.  Modern Cryptography: Theory and Practice , 2003 .

[41]  Alfred Menezes,et al.  Pairing-Based Cryptography at High Security Levels , 2005, IMACC.

[42]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[43]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[44]  Tsz Hon Yuen,et al.  Constant-Size Hierarchical Identity-Based Signature/Signcryption without Random Oracles , 2005, IACR Cryptol. ePrint Arch..