Skip to main content
Springer Nature Link
Log in

A Practical and Tightly Secure Signature Scheme Without Hash Function

  • Conference paper
Topics in Cryptology – CT-RSA 2007 (CT-RSA 2007)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4377))

Included in the following conference series:

  • 1229 Accesses

Abstract

In 1999, two signature schemes based on the flexible RSA problem (a.k.a. strong RSA problem) were independently introduced: the Gennaro-Halevi-Rabin (GHR) signature scheme and the Cramer-Shoup (CS) signature scheme. Remarkably, these schemes meet the highest security notion in the standard model. They however differ in their implementation. The CS scheme and its subsequent variants and extensions proposed so far feature a loose security reduction, which, in turn, implies larger security parameters. The security of the GHR scheme and of its twinning-based variant are shown to be tightly based on the flexible RSA problem but additionally (i) either assumes the existence of division-intractable hash functions, or (ii) requires an injective mapping into the prime numbers in both the signing and verification algorithms.

In this paper, we revisit the GHR signature scheme and completely remove the extra assumption made on the hash functions without relying on injective prime mappings. As a result, we obtain a practical signature scheme (and an on-line/off-line variant thereof) whose security is solely and tightly related to the strong RSA assumption.

The work described in this paper has been supported in part by the European Commission through the IST Programme under Contract IST-2002-507932 ECRYPT.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  2. Bos, J., Chaum, D.: Provably unforgeable signatures. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 1–14. Springer, Heidelberg (1993)

    Google Scholar 

  3. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. Journal of Cryptology 17(4), 297–319 (2004)

    Article  MATH  MathSciNet  Google Scholar 

  4. Bellare, M., Micali, S.: How to sign given any trapdoor permutation. Journal of the ACM 39(1), 214–233 (1992)

    Article  MATH  MathSciNet  Google Scholar 

  5. Bellare, M., Namprempre, C., Pointcheval, D., Semanko, M.: The one-more-RSA-inversion problems and the security of Chaum’s blind signature scheme. Journal of Cryptology 16(3), 185–215 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  6. Barić, N., Pfitzmann, B.: Collision-free accumulators and fail-stop signature schemes without trees. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 480–494. Springer, Heidelberg (1997)

    Google Scholar 

  7. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM Press, New York (1993)

    Chapter  Google Scholar 

  8. Bellare, M., Rogaway, P.: The exact security of digital signatures: How to sign with RSA and Rabin. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 399–416. Springer, Heidelberg (1996)

    Google Scholar 

  9. Boneh, D., Shen, E., Waters, B.: Strongly unforgeable signature schemes based on comptutational Diffie-Hellman. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol. 3958, pp. 229–240. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  10. Cramer, R., Damgård, I.: New generation of secure and practical RSA-based signatures. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 173–185. Springer, Heidelberg (1996)

    Google Scholar 

  11. Catalano, D., Gennaro, R.: Cramer-Damgård signatures revisited: Efficient flat-tree signatures based on factoring. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 313–327. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  12. Canetti, R., Golreich, O., Halevi, S.: The random oracle methodology, revisited. In: 30th Annual ACM Symposium on Theory of Computing, pp. 209–217. ACM Press, New York (1998)

    Google Scholar 

  13. Camenisch, J.L., Lysyanskaya, A.: A Signature Scheme with Efficient Protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  14. Coron, J.-S., Lefranc, D., Poupard, G.: A new baby-step giant-step algorithm and some applications to cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 47–60. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  15. Coron, J.-S., Naccache, D.: Security analysis of the Gennaro-Halevi-Rabin signature scheme. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 91–101. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  16. Coron, J.-S.: On the exact security of full domain hash. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 229–235. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  17. Cramer, R., Shoup, V.: Signature scheme based on the strong RSA assumption. ACM Transactions on Information and System Security 3(3), 161–185 (2000)

    Article  Google Scholar 

  18. Diffie, W., Hellman, M.: New directions in cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)

    Article  MathSciNet  Google Scholar 

  19. Dwork, C., Naor, M.: An efficient existentially unforgeable signature scheme and its applications. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 234–246. Springer, Heidelberg (1994)

    Google Scholar 

  20. Even, S., Goldreich, O., Micali, S.: On-line/off-line digital signatures. Journal of Cryptology 9(1), 35–67 (1996)

    Article  MATH  MathSciNet  Google Scholar 

  21. Fischlin, M.: The Cramer-Shoup strong-RSA signature scheme revisited. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 116–129. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  22. Fujisaki, E., Okamoto, T.: Statistical zero-knowledge protocols to prove modular polynomial equations. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 16–30. Springer, Heidelberg (1997)

    Google Scholar 

  23. Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)

    Google Scholar 

  24. Gennaro, R., Halevi, S., Rabin, T.: Secure hash-and-sign signatures without the random oracle. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 123–139. Springer, Heidelberg (1999)

    Google Scholar 

  25. Goh, E.-J., Jarecki, S.: A signature scheme as secure as the Diffie-Hellman problem. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 401–415. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  26. Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen message attacks. SIAM Journal of Computing 17(2), 281–308 (1988)

    Article  MATH  MathSciNet  Google Scholar 

  27. Goldreich, O.: Two remarks concerning the Goldwasser-Micali-Rivest signature scheme. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 104–110. Springer, Heidelberg (1987)

    Google Scholar 

  28. Joye, M., Paillier, P., Vaudenay, S.: Efficient generation of prime numbers. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 340–354. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  29. Koblitz, N., Menezes, A.: Another look at “provable security”. Cryptology ePrint Archive 2004/152. Journal of Cryptology (to appear, 2004)

    Google Scholar 

  30. Krawczyk, H., Rabin, T.: Chameleon signatures. In: Symposium on Network and Distributed System Security − NDSS 2000, pp. 143–154. Internet Society (2000)

    Google Scholar 

  31. Kurosawa, K., Schmidt-Samoa, K.: New online/offline signature schemes without random oracles. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol. 3958, pp. 330–346. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  32. Katz, J., Wang, N.: Efficiency improvements for signature schemes with tight security reductions. In: 10th ACM Conference on Computer and Communications Security, pp. 155–164. ACM Press, New York (2003)

    Chapter  Google Scholar 

  33. Merkle, R.: A digital signature based on a conventional encryption function. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 369–378. Springer, Heidelberg (1988)

    Google Scholar 

  34. Naccache, D., Pointcheval, D., Stern, J.: Twin signatures: An alternative to the hash-and-sign paradigm. In: 8th ACM Conference on Computer and Communications Security, pp. 20–27. ACM Press, New York (2001)

    Chapter  Google Scholar 

  35. Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: 21st Annual ACM Symposium on Theory of Computing, pp. 33–43. ACM Press, New York (1989)

    Google Scholar 

  36. Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)

    Google Scholar 

  37. Paillier, P., Vergnaud, D.: Discrete-log-based signatures may not be equivalent to discrete log. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 1–20. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  38. Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: 22nd Annual ACM Symposium on Theory of Computing, pp. 387–394. ACM Press, New York (1990)

    Google Scholar 

  39. Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2), 120–126 (1978)

    Article  MATH  MathSciNet  Google Scholar 

  40. Shamir, A., Tauman, Y.: Improved online/offline signature schemes. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 355–367. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  41. Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  42. Zhu, H.: New digital signature scheme attaining immunity against adaptive chosen message attack. Chinese Journal of Electronics 10(4), 484–486 (2001)

    Google Scholar 

  43. Zhu, H.: A formal proof of Zhu’s signature scheme. Cryptology ePrint Archive, Report 2003/155 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Gemalto, Security Labs, Avenue du Jujubier, 13705, La Ciotat Cedex, France

    Benoît Chevallier-Mames

  2. Thomson R&D France, Technology Group, Corporate Research, Security Laboratory, 1 avenue de Belle Fontaine, 35576, Cesson-Sévigné, France

    Marc Joye

Authors
  1. Benoît Chevallier-Mames
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marc Joye
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Information Sharing Platform Laboratories, NTT Corporation, Japan

    Masayuki Abe

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chevallier-Mames, B., Joye, M. (2006). A Practical and Tightly Secure Signature Scheme Without Hash Function. In: Abe, M. (eds) Topics in Cryptology – CT-RSA 2007. CT-RSA 2007. Lecture Notes in Computer Science, vol 4377. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11967668_22

Download citation

  • DOI: https://doi.org/10.1007/11967668_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-69327-7

  • Online ISBN: 978-3-540-69328-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics