C. Dwork and M. Naor. An efficient existentially unforegeable signature scheme and its applications. In Advances in Cryptology--Crypto '94, pages 218--238, 1994.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....need a collision resistant hash function actually, as we shall see, a universal oneway hash function [16] is sufficient. This is a revision of IBM Research Report RZ 3083 (December 1998) 1 Our new schemes are interesting in that they are state free, unlike other provably secure schemes [11, 9, 7]. Of course, we achieve this at the expense using of a potentially stronger assumption than is made in [11, 9, 7] We stress that in discussing proofs of security, we are not making use of the random oracle model of computation [3] but rather, we are working in the real world of computation. ....

....sufficient. This is a revision of IBM Research Report RZ 3083 (December 1998) 1 Our new schemes are interesting in that they are state free, unlike other provably secure schemes [11, 9, 7] Of course, we achieve this at the expense using of a potentially stronger assumption than is made in [11, 9, 7]. We stress that in discussing proofs of security, we are not making use of the random oracle model of computation [3] but rather, we are working in the real world of computation. Indeed, the standard hash and invert RSA signature is provably secure in the random oracle model under the ....

C. Dwork and M. Naor. An efficient existentially unforegeable signature scheme and its applications. In Advances in Cryptology--Crypto '94, pages 218--238, 1994.

....attack, as defined in [9] To prove that our new schemes are secure, we need to make the Strong RSA Assumption (SRA) recently introduced by [2] We also need a collision resistant hash function. 1 Our new schemes are interesting in that they are state free, unlike other provably secure schemes [9, 7, 6]. Of course, we achieve this at the expense using of a potentially stronger assumption than is made in [9, 7, 6] 1 We could get by using a target collision resistant hash function by adapting the ideas from [4] We stress that in discussing proofs of security, we are not making use of the ....

....(SRA) recently introduced by [2] We also need a collision resistant hash function. 1 Our new schemes are interesting in that they are state free, unlike other provably secure schemes [9, 7, 6] Of course, we achieve this at the expense using of a potentially stronger assumption than is made in [9, 7, 6]. 1 We could get by using a target collision resistant hash function by adapting the ideas from [4] We stress that in discussing proofs of security, we are not making use of the random oracle model of computation [3] but rather, we are working in the real world of computation. Indeed, ....

C. Dwork and M. Naor. An efficient existentially unforegeable signature scheme and its applications. In Advances in Cryptology--Crypto '94, pages 218--238, 1994.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC