R. Cramer, I. Damgard, and T. Pedersen. Efficient and provable security amplifications. In Proc. of 4th Cambridge Security Protocols Workshop, Springer, Lecture Notes in Computer Science (Vol. 1189), pages 101--109.  Home/Search   Document Details and Download   Summary   Related Articles   Check

.... the one time key pair and the signature to its verification key ahead of time, leading to an off line on line signature scheme [69] An alternative and more efficient transformation, of signature schemes which are robust under a random message attack into general ones, has been suggested in [53]. 19 in previous signatures [86] Employing this paradigm and assuming that the RSA function is infeasible to invert, one obtains a secure signature scheme [106, 86] in which the i th message can be signed verified in time 2 log 2 i slower than plain RSA. Using a tree of large fan in and ....

R. Cramer, I. Damgard, and T. Pedersen. Efficient and provable security amplifications. In Proc. of 4th Cambridge Security Protocols Workshop, Springer, Lecture Notes in Computer Science (Vol. 1189), pages 101--109.

....modifiying the proof of knowledge of double discrete logarithms in [10] Therefore, it can be guaranteed that Alice s sends values of the form g m in step 1. Hence it follows, that an successful attack on the traceability of the related DMI scheme would violate the assumption. Now, following [3], we can deviate a signature scheme from the one used above where adapative attacks do not give any advantage compared to passive attacks. As a result, we can design DMI schemes where the traceability can be guaranteed under the assumption that existential forgery of the basic signature scheme is ....

R. Cramer, I. Damgard, T. P. Pedersen, "Efficient and Provable Security Amplifications ", LNCS 1189, Proceedings of 4th Cambridge Security Protocols Workshop, Springer Verlag, (1996), pp. 101--109.

....he needs 2 exp. to check the authentication of C. 9. Security The security of the new delegation schemes is based on the security of the underlying signature scheme, which has been analyzed in [Schn91] We can amplify the security of this signature scheme by using the approach described in [CrPe95] The security of the simply chained tokens relies on the security of the hierarchical self certified public key, which will be analyzed in detail in the full version of this paper. 10. Conclusion We gave a classification of delegation schemes into six classes. To solve the problem with simply ....

R.Cramer, T.Pedersen, "Efficient and provable security amplifications", CS-R9529, Computer Science, Dept. of Algorithms and Architecture, CWI, Amsterdam, (1995), 9 pages.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC