Short Signatures Without Random Oracles

We describe a short signature scheme which is existentially unforgeable under a chosen message attack without using random oracles. The security of our scheme depends on a new complexity assumption we call the Strong Diffie-Hellman assumption. This assumption has similar properties to the Strong RSA assumption, hence the name. Strong RSA was previously used to construct signature schemes without random oracles. However, signatures generated by our scheme are much shorter and simpler than signatures from schemes based on Strong RSA. Furthermore, our scheme provides a limited form of message recovery.

[1]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[2]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[3]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[4]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[5]  Reihaneh Safavi-Naini,et al.  New traitor tracing schemes using bilinear map , 2003, DRM '03.

[6]  Reihaneh Safavi-Naini,et al.  An Efficient Signature Scheme from Bilinear Pairings and Its Applications , 2004, Public Key Cryptography.

[7]  A. Alarcón,et al.  FUNDAMENTALS , 2000, Springer Monographs in Mathematics.

[8]  Jean-Sébastien Coron,et al.  Security Analysis of the Gennaro-Halevi-Rabin Signature Scheme , 2000, EUROCRYPT.

[9]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[10]  Louis Goubin,et al.  QUARTZ, 128-Bit Long Digital Signatures , 2001, CT-RSA.

[11]  Jacques Stern,et al.  Signing on a Postcard , 2000, Financial Cryptography.

[12]  Jonathan Katz,et al.  Efficiency improvements for signature schemes with tight security reductions , 2003, CCS '03.

[13]  Ronald Cramer,et al.  Signature schemes based on the strong RSA assumption , 2000, TSEC.

[14]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[15]  Shai Halevi,et al.  Secure Hash-and-Sign Signatures Without the Random Oracle , 1999, EUROCRYPT.

[16]  Victor Shoup,et al.  Lower Bounds for Discrete Logarithms and Related Problems , 1997, EUROCRYPT.

[17]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[18]  Antoine Joux,et al.  Separating Decision Diffie-Hellman from Diffie-Hellman in cryptographic groups , 2001, IACR Cryptology ePrint Archive.

[19]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[20]  Hugo Krawczyk,et al.  Chameleon Signatures , 2000, NDSS.

[21]  M. Kasahara,et al.  A New Traitor Tracing , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[22]  Amit Sahai,et al.  Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[23]  Jean-Sébastien Coron,et al.  On the Exact Security of Full Domain Hash , 2000, CRYPTO.

[24]  Magnus Daum,et al.  On the Security of HFE, HFEv- and Quartz , 2003, Public Key Cryptography.

[25]  Scott A. Vanstone,et al.  Postal Revenue Collection in the Digital Age , 2000, Financial Cryptography.

[26]  Tal Rabin,et al.  On the Security of Joint Signature and Encryption , 2002, EUROCRYPT.