Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
EUROCRYPT
2000
Springer
2000
Springer
Security Analysis of the Gennaro-Halevi-Rabin Signature Scheme
We exhibit an attack against a signature scheme recently proposed by Gennaro, Halevi and Rabin [9]. The scheme's security is based on two assumptions namely the strong RSA assumption and the existence of a division-intractable hash-function. For the latter, the authors conjectured a security level exponential in the hash-function's digest size whereas our attack is sub-exponential with respect to the digest size. Moreover, since the new attack is optimal, the length of the hash function can now be rigorously fixed. In particular, to get a security level equivalent to 1024-bit RSA, one should use a digest size of approximately 1024 bits instead of the 512 bits suggested in [9]. Keywords. Gennaro-Halevi-Rabin signature scheme, Strong RSA problem, division intractability.
Real-time TrafficRelated Content
| Added | 24 Aug 2010 |
| Updated | 24 Aug 2010 |
| Type | Conference |
| Year | 2000 |
| Where | EUROCRYPT |
| Authors | Jean-Sébastien Coron, David Naccache |
Comments (0)
Researcher Info
|
