The Cramer-Shoup Strong-RSASignature Scheme Revisited

We discuss a modification of the Cramer-Shoup strong-RSA signature scheme. Our proposal also presumes the strong RSA assumption, but allows faster signing and verification and produces signatures of roughly half the size. Then we present a stateful version of our scheme where signing (but not verifying) becomes almost as efficient as with RSA-PSS. We also show how to turn our signature schemes into "lightweight" anonymous yet linkable group identification protocols without random oracles.

[1]  Giovanni Di Crescenzo,et al.  Communication-efficient anonymous group identification , 1998, CCS '98.

[2]  Ivan Damgård,et al.  Generic Lower Bounds for Root Extraction and Signature Schemes in General Groups , 2002, EUROCRYPT.

[3]  Ivan Damgård,et al.  Efficient and Provable Security Amplifications , 1996, Security Protocols Workshop.

[4]  Marc Fischlin,et al.  Identification Protocols Secure against Reset Attacks , 2001, EUROCRYPT.

[5]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[6]  Ronald Cramer,et al.  Signature schemes based on the strong RSA assumption , 2000, TSEC.

[7]  Birgit Pfitzmann,et al.  Collision-Free Accumulators and Fail-Stop Signature Schemes Without Trees , 1997, EUROCRYPT.

[8]  Tatsuaki Okamoto,et al.  Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations , 1997, CRYPTO.

[9]  Ronald Cramer,et al.  Signature schemes based on the strong RSA assumption , 1999, CCS '99.

[10]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[11]  Tatsuaki Okamoto,et al.  Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes , 1992, CRYPTO.

[12]  Matthew K. Franklin,et al.  Anonymous authentication with subset queries (extended abstract) , 1999, CCS '99.

[13]  Victor Shoup,et al.  ACE: The Advanced Cryptographic Engine , 2000, IACR Cryptol. ePrint Arch..

[14]  Dan Boneh,et al.  TWENTY YEARS OF ATTACKS ON THE RSA CRYPTOSYSTEM , 1999 .

[15]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[16]  Xiaotie Deng,et al.  Design and Security Analysis of Anonymous Group Identification Protocols , 2002, Public Key Cryptography.

[17]  Alessandro Verri,et al.  Pattern Recognition with Support Vector Machines , 2002, Lecture Notes in Computer Science.

[18]  Daniel Bleichenbacher Efficiency and security of cryptosystems based on number theory , 1996 .

[19]  U. Maurer Fast generation of prime numbers and secure public-key cryptographic parameters , 1995, Journal of Cryptology.