Confined Guessing: New Signatures From Standard Assumptions
We put forward a new technique to construct very efficient and compact signature schemes. Our technique combines several instances of only a mildly secure signature scheme to obtain a fully secure scheme. Since the mild security notion we require is much easier to achieve than full security, we can...
Gespeichert in:
| Veröffentlicht in: | Journal of cryptology 2015-01, Vol.28 (1), p.176-208 |
|---|---|
| Hauptverfasser: | , , , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 208 |
|---|---|
| container_issue | 1 |
| container_start_page | 176 |
| container_title | Journal of cryptology |
| container_volume | 28 |
| creator | Böhl, Florian Hofheinz, Dennis Jager, Tibor Koch, Jessica Striecks, Christoph |
| description | We put forward a new technique to construct very efficient and compact signature schemes. Our technique combines several instances of only a mildly secure signature scheme to obtain a fully secure scheme. Since the mild security notion we require is much easier to achieve than full security, we can combine our strategy with existing techniques to obtain a number of interesting new (stateless and fully secure) signature schemes. Concretely, we get (1) A scheme based on the computational Diffie–Hellman (CDH) assumption in pairing-friendly groups. Signatures contain
O
(
1
)
and verification keys
O
(
log
k
)
group elements, where
k
is the security parameter. Our scheme is the first fully secure CDH-based scheme with such compact verification keys. (2) A scheme based on the (nonstrong) RSA assumption in which both signatures and verification keys contain
O
(
1
)
group elements. Our scheme is significantly more efficient than existing RSA-based schemes. (3) A scheme based on the Short Integer Solutions (SIS) assumption. Signatures contain
O
(
log
(
k
)
·
m
)
and verification keys
O
(
n
·
m
)
Z
p
-elements, where
p
may be polynomial in
k
, and
n
,
m
denote the usual SIS matrix dimensions. Compared to state-of-the-art SIS-based schemes, this gives very small verification keys, at the price of slightly larger signatures. In all cases, the involved constants are small, and the arising schemes provide significant improvements upon state-of-the-art schemes. The only price we pay is a rather large (polynomial) loss in the security reduction. However, this loss can be significantly reduced at the cost of an additive term in signature and verification key size. |
| doi_str_mv | 10.1007/s00145-014-9183-z |
| format | Article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2387712491</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2387712491</sourcerecordid><originalsourceid>FETCH-LOGICAL-c458t-d34a1f01aa89aa262519fd6c7e026a6e81fd3460252a64ff720e2c78a1381be03</originalsourceid><addsrcrecordid>eNp1kM1OwzAQhC0EEuXnAbhF4mzYtZPYgVNV0YJUwaFwtpbErlJRp9iJEH16XAWJE5eZyzezq2HsCuEGAdRtBMC84El4hVry_RGbYC4FR6n0MZtAJSUXqoJTdhbjJtGqUHLC7medd623TbYYbIytX99lz_YrW7VrT_0QbMzmodtmq558Q6HJpjEO213fdj5esBNHH9Fe_vo5e5s_vM4e-fJl8TSbLnmdF7rnjcwJHSCRrohEKQqsXFPWyoIoqbQaXUJKEIWgMndOCbCiVppQany3IM_Z9di7C91n-rI3m24IPp00QmqlUOQVJgpHqg5djME6swvtlsK3QTCHjcy4kUliDhuZfcqIMRMT69c2_DX_H_oBSk5o6Q</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2387712491</pqid></control><display><type>article</type><title>Confined Guessing: New Signatures From Standard Assumptions</title><source>Springer Nature - Complete Springer Journals</source><creator>Böhl, Florian ; Hofheinz, Dennis ; Jager, Tibor ; Koch, Jessica ; Striecks, Christoph</creator><creatorcontrib>Böhl, Florian ; Hofheinz, Dennis ; Jager, Tibor ; Koch, Jessica ; Striecks, Christoph</creatorcontrib><description>We put forward a new technique to construct very efficient and compact signature schemes. Our technique combines several instances of only a mildly secure signature scheme to obtain a fully secure scheme. Since the mild security notion we require is much easier to achieve than full security, we can combine our strategy with existing techniques to obtain a number of interesting new (stateless and fully secure) signature schemes. Concretely, we get (1) A scheme based on the computational Diffie–Hellman (CDH) assumption in pairing-friendly groups. Signatures contain
O
(
1
)
and verification keys
O
(
log
k
)
group elements, where
k
is the security parameter. Our scheme is the first fully secure CDH-based scheme with such compact verification keys. (2) A scheme based on the (nonstrong) RSA assumption in which both signatures and verification keys contain
O
(
1
)
group elements. Our scheme is significantly more efficient than existing RSA-based schemes. (3) A scheme based on the Short Integer Solutions (SIS) assumption. Signatures contain
O
(
log
(
k
)
·
m
)
and verification keys
O
(
n
·
m
)
Z
p
-elements, where
p
may be polynomial in
k
, and
n
,
m
denote the usual SIS matrix dimensions. Compared to state-of-the-art SIS-based schemes, this gives very small verification keys, at the price of slightly larger signatures. In all cases, the involved constants are small, and the arising schemes provide significant improvements upon state-of-the-art schemes. The only price we pay is a rather large (polynomial) loss in the security reduction. However, this loss can be significantly reduced at the cost of an additive term in signature and verification key size.</description><identifier>ISSN: 0933-2790</identifier><identifier>EISSN: 1432-1378</identifier><identifier>DOI: 10.1007/s00145-014-9183-z</identifier><language>eng</language><publisher>Boston: Springer US</publisher><subject>Coding and Information Theory ; Combinatorics ; Communications Engineering ; Computational Mathematics and Numerical Analysis ; Computer Science ; Networks ; Polynomials ; Probability Theory and Stochastic Processes ; Security ; Signatures ; Verification</subject><ispartof>Journal of cryptology, 2015-01, Vol.28 (1), p.176-208</ispartof><rights>International Association for Cryptologic Research 2014</rights><rights>International Association for Cryptologic Research 2014.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c458t-d34a1f01aa89aa262519fd6c7e026a6e81fd3460252a64ff720e2c78a1381be03</citedby><cites>FETCH-LOGICAL-c458t-d34a1f01aa89aa262519fd6c7e026a6e81fd3460252a64ff720e2c78a1381be03</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1007/s00145-014-9183-z$$EPDF$$P50$$Gspringer$$H</linktopdf><linktohtml>$$Uhttps://link.springer.com/10.1007/s00145-014-9183-z$$EHTML$$P50$$Gspringer$$H</linktohtml><link.rule.ids>314,776,780,27901,27902,41464,42533,51294</link.rule.ids></links><search><creatorcontrib>Böhl, Florian</creatorcontrib><creatorcontrib>Hofheinz, Dennis</creatorcontrib><creatorcontrib>Jager, Tibor</creatorcontrib><creatorcontrib>Koch, Jessica</creatorcontrib><creatorcontrib>Striecks, Christoph</creatorcontrib><title>Confined Guessing: New Signatures From Standard Assumptions</title><title>Journal of cryptology</title><addtitle>J Cryptol</addtitle><description>We put forward a new technique to construct very efficient and compact signature schemes. Our technique combines several instances of only a mildly secure signature scheme to obtain a fully secure scheme. Since the mild security notion we require is much easier to achieve than full security, we can combine our strategy with existing techniques to obtain a number of interesting new (stateless and fully secure) signature schemes. Concretely, we get (1) A scheme based on the computational Diffie–Hellman (CDH) assumption in pairing-friendly groups. Signatures contain
O
(
1
)
and verification keys
O
(
log
k
)
group elements, where
k
is the security parameter. Our scheme is the first fully secure CDH-based scheme with such compact verification keys. (2) A scheme based on the (nonstrong) RSA assumption in which both signatures and verification keys contain
O
(
1
)
group elements. Our scheme is significantly more efficient than existing RSA-based schemes. (3) A scheme based on the Short Integer Solutions (SIS) assumption. Signatures contain
O
(
log
(
k
)
·
m
)
and verification keys
O
(
n
·
m
)
Z
p
-elements, where
p
may be polynomial in
k
, and
n
,
m
denote the usual SIS matrix dimensions. Compared to state-of-the-art SIS-based schemes, this gives very small verification keys, at the price of slightly larger signatures. In all cases, the involved constants are small, and the arising schemes provide significant improvements upon state-of-the-art schemes. The only price we pay is a rather large (polynomial) loss in the security reduction. However, this loss can be significantly reduced at the cost of an additive term in signature and verification key size.</description><subject>Coding and Information Theory</subject><subject>Combinatorics</subject><subject>Communications Engineering</subject><subject>Computational Mathematics and Numerical Analysis</subject><subject>Computer Science</subject><subject>Networks</subject><subject>Polynomials</subject><subject>Probability Theory and Stochastic Processes</subject><subject>Security</subject><subject>Signatures</subject><subject>Verification</subject><issn>0933-2790</issn><issn>1432-1378</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2015</creationdate><recordtype>article</recordtype><recordid>eNp1kM1OwzAQhC0EEuXnAbhF4mzYtZPYgVNV0YJUwaFwtpbErlJRp9iJEH16XAWJE5eZyzezq2HsCuEGAdRtBMC84El4hVry_RGbYC4FR6n0MZtAJSUXqoJTdhbjJtGqUHLC7medd623TbYYbIytX99lz_YrW7VrT_0QbMzmodtmq558Q6HJpjEO213fdj5esBNHH9Fe_vo5e5s_vM4e-fJl8TSbLnmdF7rnjcwJHSCRrohEKQqsXFPWyoIoqbQaXUJKEIWgMndOCbCiVppQany3IM_Z9di7C91n-rI3m24IPp00QmqlUOQVJgpHqg5djME6swvtlsK3QTCHjcy4kUliDhuZfcqIMRMT69c2_DX_H_oBSk5o6Q</recordid><startdate>20150101</startdate><enddate>20150101</enddate><creator>Böhl, Florian</creator><creator>Hofheinz, Dennis</creator><creator>Jager, Tibor</creator><creator>Koch, Jessica</creator><creator>Striecks, Christoph</creator><general>Springer US</general><general>Springer Nature B.V</general><scope>AAYXX</scope><scope>CITATION</scope></search><sort><creationdate>20150101</creationdate><title>Confined Guessing: New Signatures From Standard Assumptions</title><author>Böhl, Florian ; Hofheinz, Dennis ; Jager, Tibor ; Koch, Jessica ; Striecks, Christoph</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c458t-d34a1f01aa89aa262519fd6c7e026a6e81fd3460252a64ff720e2c78a1381be03</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2015</creationdate><topic>Coding and Information Theory</topic><topic>Combinatorics</topic><topic>Communications Engineering</topic><topic>Computational Mathematics and Numerical Analysis</topic><topic>Computer Science</topic><topic>Networks</topic><topic>Polynomials</topic><topic>Probability Theory and Stochastic Processes</topic><topic>Security</topic><topic>Signatures</topic><topic>Verification</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Böhl, Florian</creatorcontrib><creatorcontrib>Hofheinz, Dennis</creatorcontrib><creatorcontrib>Jager, Tibor</creatorcontrib><creatorcontrib>Koch, Jessica</creatorcontrib><creatorcontrib>Striecks, Christoph</creatorcontrib><collection>CrossRef</collection><jtitle>Journal of cryptology</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Böhl, Florian</au><au>Hofheinz, Dennis</au><au>Jager, Tibor</au><au>Koch, Jessica</au><au>Striecks, Christoph</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Confined Guessing: New Signatures From Standard Assumptions</atitle><jtitle>Journal of cryptology</jtitle><stitle>J Cryptol</stitle><date>2015-01-01</date><risdate>2015</risdate><volume>28</volume><issue>1</issue><spage>176</spage><epage>208</epage><pages>176-208</pages><issn>0933-2790</issn><eissn>1432-1378</eissn><abstract>We put forward a new technique to construct very efficient and compact signature schemes. Our technique combines several instances of only a mildly secure signature scheme to obtain a fully secure scheme. Since the mild security notion we require is much easier to achieve than full security, we can combine our strategy with existing techniques to obtain a number of interesting new (stateless and fully secure) signature schemes. Concretely, we get (1) A scheme based on the computational Diffie–Hellman (CDH) assumption in pairing-friendly groups. Signatures contain
O
(
1
)
and verification keys
O
(
log
k
)
group elements, where
k
is the security parameter. Our scheme is the first fully secure CDH-based scheme with such compact verification keys. (2) A scheme based on the (nonstrong) RSA assumption in which both signatures and verification keys contain
O
(
1
)
group elements. Our scheme is significantly more efficient than existing RSA-based schemes. (3) A scheme based on the Short Integer Solutions (SIS) assumption. Signatures contain
O
(
log
(
k
)
·
m
)
and verification keys
O
(
n
·
m
)
Z
p
-elements, where
p
may be polynomial in
k
, and
n
,
m
denote the usual SIS matrix dimensions. Compared to state-of-the-art SIS-based schemes, this gives very small verification keys, at the price of slightly larger signatures. In all cases, the involved constants are small, and the arising schemes provide significant improvements upon state-of-the-art schemes. The only price we pay is a rather large (polynomial) loss in the security reduction. However, this loss can be significantly reduced at the cost of an additive term in signature and verification key size.</abstract><cop>Boston</cop><pub>Springer US</pub><doi>10.1007/s00145-014-9183-z</doi><tpages>33</tpages><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 0933-2790 |
| ispartof | Journal of cryptology, 2015-01, Vol.28 (1), p.176-208 |
| issn | 0933-2790 1432-1378 |
| language | eng |
| recordid | cdi_proquest_journals_2387712491 |
| source | Springer Nature - Complete Springer Journals |
| subjects | Coding and Information Theory Combinatorics Communications Engineering Computational Mathematics and Numerical Analysis Computer Science Networks Polynomials Probability Theory and Stochastic Processes Security Signatures Verification |
| title | Confined Guessing: New Signatures From Standard Assumptions |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-09T17%3A21%3A33IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Confined%20Guessing:%20New%20Signatures%20From%20Standard%20Assumptions&rft.jtitle=Journal%20of%20cryptology&rft.au=B%C3%B6hl,%20Florian&rft.date=2015-01-01&rft.volume=28&rft.issue=1&rft.spage=176&rft.epage=208&rft.pages=176-208&rft.issn=0933-2790&rft.eissn=1432-1378&rft_id=info:doi/10.1007/s00145-014-9183-z&rft_dat=%3Cproquest_cross%3E2387712491%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2387712491&rft_id=info:pmid/&rfr_iscdi=true |