by David Naccache, Jacques Stern, Gemplus Card International, École Normale Supérieure
Download: http://www.gemplus.com/smart/r_d/publications/pdf/NS01post.pdf
Abstract:
We investigate the problem of signing short messages using a scheme that minimizes the total length of the original message and the appended signature. This line of research was motivated by several postal services interested in stamping machines capable of producing digital signatures. Although several message recovery schemes exist, their security is questionable. This paper proposes variants of DSA and ECDSA allowing partial recovery: the signature is appended to a truncated message and the discarded bytes are recovered by the verification algorithm. Still, the signature authenticates the whole message. Our scheme has some form of provable security, based on the random oracle model. Using further optimizations we can lower the scheme’s overhead to 26 bytes for a $2^{-80}$ security level, compared to forty bytes for DSA or ECDSA and 128 bytes for 1024-bit RSA.
Citations
897 | Random oracles are practical: A paradigm for designing efficient protocols – Bellare, Rogaway – 1993
244 | The exact security of digital signatures - how to sign with RSA and Rabin – Bellare, Rogaway – 1996
172 | Security proofs for signature schemes – Pointcheval, Stern
148 | Lower bounds for discrete logarithms and related problems – Shoup – 1997
56 | Complexity of a determinate algorithm for the discrete logarithm – Nechaev – 1993
48 | A new signature scheme based on the DSA giving message recovery – Nyberg, Rueppel – 1993
36 | Information Technology – Security Techniques – Digital Signature Schemes giving message recovery – Part 2: Integer factorisation based mechanisms – ISO/IEC
27 | On the security of RSA padding – Coron, Naccache, et al. – 1999
17 | A signature scheme with message recovery as secure as discrete logarithm – Abe, Okamoto – 1999
4 | Standard specifications for public key cryptography (available from http://grouper.ieee.org/groups/1363/index.html) – Draft – 1998
2 | ISO 9796-1 and the new forgery strategy, manuscript – Coppersmith, Halevi, et al. – 1999