ASIACRYPT
2003
Springer

Almost Uniform Density of Power Residues and the Provable Security of ESIGN

Abstract. ESIGN is an efficient signature scheme that was proposed in the early nineties (see [14]). Recently, an effort was made to lay ESIGN on firm foundations, using the methodology of provable security. A security proof [15] in the random oracle model, along the lines of [2], appeared in support of ESIGN. However, several unexpected difficulties were found. Firstly, it was observed in [20] that the proof from [15] holds in a more restricted model of security than claimed. Even if it is quite easy to restore the usual security level, as suggested in [9], this shows that the methodology of security proofs is more subtle than it at first appears. Secondly, it was found that the proof needs the additional assumption that e is prime to ϕ(n), thus excluding the case where e is a small power of two, a very attractive parameter choice. The difficulty here lies in the simulation of the random oracle, since it relies on the distribution of e-th powers, which is not completely und...
Tatsuaki Okamoto, Jacques Stern
Added 06 Jul 2010
Updated 06 Jul 2010
Type Conference
Year 2003
Where ASIACRYPT
Authors Tatsuaki Okamoto, Jacques Stern