Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
PKC
2007
Springer
2007
Springer
Two-Tier Signatures, Strongly Unforgeable Signatures, and Fiat-Shamir Without Random Oracles
We provide a positive result about the Fiat-Shamir (FS) transform in the standard model, showing how to use it to convert threemove identification protocols into two-tier signature schemes with a proof of security that makes a standard assumption on the hash function rather than modeling it as a random oracle. The result requires security of the starting protocol against concurrent attacks. We can show that numerous protocols have the required properties and so obtain numerous efficient two-tier schemes. Our first application is a two-tier scheme based transform of any unforgeable signature scheme into a strongly unforgeable one. (This extends Boneh, Shen and Waters [8] whose transform only applies to a limited class of schemes.) The second application is new one-time signature schemes that, compared to one-way function based ones of the same computational cost, have smaller key and signature sizes.
Real-time Traffic| Added | 09 Jun 2010 |
| Updated | 09 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | PKC |
| Authors | Mihir Bellare, Sarah Shoup |
Comments (0)
Researcher Info
|
