Facebook Instagram Twitter RSS Feed Back to top

Security of signature schemes in the presence of key-dependent messages

In: Tatra Mountains Mathematical Publications, vol. 47, no. 3
Madeline Gonzáley Muñiz - Rainer Steinwandt
Detaily:
Rok, strany: 2010, 15 - 29
Kľúčové slová:
signature scheme, key-dependent message, forward security
O článku:
In recent years, quite some progress has been made in understanding the security of encryption schemes in the presence of key-dependent plaintexts. Here, we motivate and explore the security of a setting, where an adversary against a signature scheme can access signatures on key-dependent messages. \par We propose a way to formalize the security of signature schemes in the presence of \emph{key-dependent signatures} ({\sf KDS}). It turns out that the situation is quite different from key-dependent encryption: already to achieve {\sf KDS}-security under non-adaptive chosen message attacks, the use of a stateful signing algorithm is inevitable—even in the random oracle model. After discussing the connection between key-dependent signing and forward security, we present a compiler to lift any \sf{EUF-CMA} secure one-time signature scheme to a forward secure signature scheme offering \sf{KDS-CMA} security.
Ako citovať:
ISO 690:
Muñiz, M., Steinwandt, R. 2010. Security of signature schemes in the presence of key-dependent messages. In Tatra Mountains Mathematical Publications, vol. 47, no.3, pp. 15-29. 1210-3195.

APA:
Muñiz, M., Steinwandt, R. (2010). Security of signature schemes in the presence of key-dependent messages. Tatra Mountains Mathematical Publications, 47(3), 15-29. 1210-3195.