Sciweavers

ACISP
2007
Springer

Hash-and-Sign with Weak Hashing Made Secure

14 years 5 months ago
Hash-and-Sign with Weak Hashing Made Secure
Abstract. Digital signatures are often proven to be secure in the random oracle model while hash functions deviate more and more from this idealization. Liskov proposed to model a weak hash function by a random oracle together with another oracle allowing to break some properties of the hash function, e.g. a preimage oracle. To avoid the need for collision-resistance, Bellare and Rogaway proposed to use target collision resistant (TCR) randomized pre-hashing. Later, Halevi and Krawczyk suggested to use enhanced TCR (eTCR) hashing to avoid signing the random seed. To avoid the increase in signature length in the TCR construction, Mironov suggested to recycle some signing coins in the message preprocessing. In this paper, we develop and apply all those techniques. In particular, we obtain a generic preprocessing which allows to build strongly secure signature schemes when hashing is weak and the internal (textbook) signature is weakly secure. We model weak hashing by a preimage-tractable...
Sylvain Pasini, Serge Vaudenay
Added 06 Jun 2010
Updated 06 Jun 2010
Type Conference
Year 2007
Where ACISP
Authors Sylvain Pasini, Serge Vaudenay
Comments (0)