Secure and Practical Tree-Structure Signature Schemes Based on Discrete Logarithms

In this paper, we present another tree-structure signature scheme based on discrete logarithm problem modulo p, where p is a large prime. The basic signing algorithm is the original ELGmal signature scheme. The scheme attains ideal security, i.e, finding existential forgeries under adaptively chosen message attacks is equivalent to solving the discrete logarithm of any random integer \(y\in{Z_p^*}\). The scheme is also efficient, it can be implemented almost as efficiently as the original ELGamal signature scheme. We can regard the scheme as an application of ELGamal signature scheme in tree-structure signature schemes.

[1]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[2]  Ivan Damgård,et al.  Secure Signature Schemes Based on Interactive Protocols See Back Inner Page for a List of Recent Publications in the Brics Report Series. Copies May Be Obtained by Contacting: Secure Signature Schemes Based on Interactive Protocols , 1995 .

[3]  Moni Naor,et al.  An Efficient Existentially Unforgeable Signature Scheme and Its Applications , 1994, Journal of Cryptology.

[4]  Tatsuaki Okamoto,et al.  Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes , 1992, CRYPTO.

[5]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[6]  Shai Halevi,et al.  Secure Hash-and-Sign Signatures Without the Random Oracle , 1999, EUROCRYPT.

[7]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[8]  Hugo Krawczyk,et al.  RSA-Based Undeniable Signatures , 1997, Journal of Cryptology.

[9]  Oded Goldreich,et al.  Two Remarks Concerning the Goldwasser-Micali-Rivest Signature Scheme , 1986, CRYPTO.

[10]  S. Vanstone,et al.  Improved digital signature scheme based on discrete exponentiation , 1990 .

[11]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[12]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[13]  Kazuo Ohta,et al.  On Concrete Security Treatment of Signatures Derived from Identification , 1998, CRYPTO.

[14]  Ernest F. Brickell,et al.  Advances in Cryptology — CRYPTO’ 92 , 2001, Lecture Notes in Computer Science.

[15]  Hugo Krawczyk,et al.  Advances in Cryptology - CRYPTO '98 , 1998 .

[16]  Ivan Damgård,et al.  Secure Signature Schemes Based on Interactive Protocols , 1994 .

[17]  Sung-Ming Yen,et al.  New digital signature scheme based on discrete logarithm , 1993 .

[18]  Rainer A. Rueppel,et al.  Message Recovery for Signature Schemes Based on the Discrete Logarithm Problem , 1994, EUROCRYPT.

[19]  Ivan Damgård,et al.  New Generation of Secure and Practical RSA-Based Signatures , 1996, CRYPTO.

[20]  Neal Koblitz,et al.  Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[21]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[22]  Ueli Maurer,et al.  Advances in Cryptology — EUROCRYPT ’96 , 2001, Lecture Notes in Computer Science.

[23]  David Chaum,et al.  Provably Unforgeable Signatures , 1992, CRYPTO.

[24]  Yvo Desmedt,et al.  Advances in Cryptology — CRYPTO ’94 , 2001, Lecture Notes in Computer Science.

[25]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[26]  Markus Michels,et al.  Generic Constructions for Secure and Efficient Confirmer Signature Schemes , 1998, EUROCRYPT.

[27]  Patrick Horster,et al.  Meta-ElGamal signature schemes , 1994, CCS '94.