How To Sign Given Any Trapdoor Function (extended abstract)

We present a digital signature scheme based on trapdoor permutations. This scheme is secure against existential forgery under adaptive chosen message attack. The only previous scheme with the same level of security was based on factoring. Although the main thrust of our work is the question of reduced assumptions, we believe that the scheme itself is of some independent interest. We mention improvements on the basic scheme which lead to a memoryless and more efficient version.

[1]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[2]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[3]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[4]  Silvio Micali,et al.  Strong signature schemes , 1983, STOC '83.

[5]  Ralph C. Merkle,et al.  A Digital Signature Based on a Conventional Encryption Function , 1987, CRYPTO.

[6]  Andrew Chi-Chih Yao,et al.  Theory and Applications of Trapdoor Functions (Extended Abstract) , 1982, FOCS.

[7]  Leonid A. Levin,et al.  One-way functions and pseudorandom generators , 1985, STOC '85.

[8]  Hugo Krawczyk,et al.  On the existence of pseudorandom generators , 1988, [Proceedings 1988] 29th Annual Symposium on Foundations of Computer Science.

[9]  Silvio Micali,et al.  How To Sign Given Any Trapdoor Function , 1988, CRYPTO.

[10]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[11]  Manuel Blum,et al.  A Simple Unpredictable Pseudo-Random Number Generator , 1986, SIAM J. Comput..

[12]  Manuel Blum,et al.  How to generate cryptographically strong sequences of pseudo random bits , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).