Short Signatures in the Random Oracle Model

We study how digital signature schemes can generate signatures as short as possible, in particular in the case where partial message recovery is allowed. We give a concrete proposition named OPSSR that achieves the lower bound for message expansion, and give an exact security proof of the scheme in the ideal cipher model. We extend it to the multi-key setting. We also show that this padding can be used for an asymmetric encryption scheme with minimal message expansion.
