To sign with RSA, one usually encodes the message m as µ(m) and then raises the result to the private exponent modulo N. At Asiacrypt 2000, Coron et al. showed how to build a secure RSA encoding scheme µ′(m) for signing arbitrarily long messages from a secure encoding scheme µ(m) capable of handling only fixed-size messages, without making any additional assumptions. However, their construction required that the input size of µ be larger than the modulus size. In this paper we present a construction for which the input size of µ does not have to be larger than the size of N. Our construction shows that the difficulty in building a secure encoding for RSA signatures lies not in handling messages of arbitrary length, but rather in finding a secure encoding function for short messages, which remains an open problem in the standard model.