Skip to main content
SpringerLink
Log in

A Family of FDH Signature Schemes Based on the Quadratic Residuosity Assumption

  • Conference paper
  • First Online:
Book cover Progress in Cryptology – INDOCRYPT 2018 (INDOCRYPT 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11356))

Included in the following conference series:

  • 692 Accesses

Abstract

Signature schemes are arguably the most crucial cryptographic primitive, and devising tight security proofs for signature schemes is an important endeavour, as it immediately impacts the feasibility of deployment in real world applications. Hash-then-sign signature schemes in the Random Oracle Model, such as RSA-FDH, and Rabin-Williams variants are among the fastest schemes to date, but that unfortunately do not enjoy tight security proofs based on the one-wayness of their trapdoor function; instead, all known tight proofs rely on variants of the (non-standard) \(\varPhi \)-Hiding assumption. As our main contribution, we introduce a family of hash-then-sign signature schemes, inspired by a lossy trapdoor function from Freeman et al. (JoC’ 13), that is tightly secure under the Quadratic Residuosity assumption. Our first scheme has the property of having unique signatures, while the second scheme is deterministic with an extremely fast signature verification, requiring at most 3 modular multiplications.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    The verifiability condition informally says that all signatures produced by the signing algorithm must be valid for the corresponding verification key.

  2. 2.

    Arguably, the next best assumption after factoring is quadratic residuosity, which has been extensively studied, at least as much as the RSA assumption.

  3. 3.

    We do not consider cases where the Jacobi or Legendre symbols are 0 since they happen with negligible probability.

References

  1. Ateniese, G., Magri, B., Venturi, D.: Subversion-resilient signature schemes. In: Ray, I., Li, N., Kruegel, C. (eds.) 22nd Conference on Computer and Communications Security – ACM CCS 2015, pp. 364–375. ACM Press (2015)

    Google Scholar 

  2. Bader, C., Jager, T., Li, Y., Schäge, S.: On the impossibility of tight cryptographic reductions. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 273–304. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_10

    Chapter  Google Scholar 

  3. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Ashby, V. (ed.) ACM CCS 93: 1st Conference on Computer and Communications Security, pp. 62–73. ACM Press, November 1993

    Google Scholar 

  4. Bellare, M., Rogaway, P.: The exact security of digital signatures: how to sign with RSA and Rabin. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 399–416. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68339-9_34

    Chapter  Google Scholar 

  5. Bernstein, D.J.: Proving tight security for Rabin-Williams signatures. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 70–87. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78967-3_5

    Chapter  Google Scholar 

  6. Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_4

    Chapter  Google Scholar 

  7. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. J. Cryptol. 17(4), 297–319 (2004)

    Article  MathSciNet  Google Scholar 

  8. Boneh, D., Shen, E., Waters, B.: Strongly unforgeable signatures based on computational Diffie-Hellman. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 229–240. Springer, Heidelberg (2006). https://doi.org/10.1007/11745853_15

    Chapter  Google Scholar 

  9. Cachin, C., Micali, S., Stadler, M.: Computationally Private Information Retrieval with Polylogarithmic Communication. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 402–414. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_28

    Chapter  Google Scholar 

  10. Chevallier-Mames, B., Joye, M.: A practical and tightly secure signature scheme without hash function. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 339–356. Springer, Heidelberg (2006). https://doi.org/10.1007/11967668_22

    Chapter  Google Scholar 

  11. Coron, J.-S.: On the exact security of full domain hash. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 229–235. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44598-6_14

    Chapter  Google Scholar 

  12. Coron, J.-S.: Optimal security proofs for PSS and other signature schemes. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 272–287. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46035-7_18

    Chapter  Google Scholar 

  13. Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)

    Article  MathSciNet  Google Scholar 

  14. ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31, 469–472 (1985)

    Article  MathSciNet  Google Scholar 

  15. Freeman, D.M., Goldreich, O., Kiltz, E., Rosen, A., Segev, G.: More constructions of lossy and correlation-secure trapdoor functions. J. Crypt. 26(1), 39–74 (2013)

    Article  MathSciNet  Google Scholar 

  16. Gennaro, R., Halevi, S., Rabin, T.: Secure hash-and-sign signatures without the random oracle. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 123–139. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_9

    Chapter  Google Scholar 

  17. Granboulan, L.: How to repair ESIGN. In: Cimato, S., Persiano, G., Galdi, C. (eds.) SCN 2002. LNCS, vol. 2576, pp. 234–240. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36413-7_17

    Chapter  Google Scholar 

  18. Guo, F., Chen, R., Susilo, W., Lai, J., Yang, G., Mu, Y.: Optimal security reductions for unique signatures: bypassing impossibilities with a counterexample. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10402, pp. 517–547. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63715-0_18

    Chapter  Google Scholar 

  19. Herrmann, M.: Improved cryptanalysis of the multi-prime \(\varpi \) - hiding assumption. In: Nitaj, A., Pointcheval, D. (eds.) AFRICACRYPT 2011. LNCS, vol. 6737, pp. 92–99. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21969-6_6

    Chapter  Google Scholar 

  20. Kakvi, S.A., Kiltz, E.: Optimal security proofs for full domain hash, revisited. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 537–553. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_32

    Chapter  Google Scholar 

  21. Kakvi, S.A., Kiltz, E.: Optimal security proofs for full domain hash, revisited. J. Crypt. 31(1), 276–306 (2018)

    Article  MathSciNet  Google Scholar 

  22. Katz, J., Wang, N.: Efficiency improvements for signature schemes with tight security reductions. In: Sushil, J., Vijayalakshmi, A., Trent, J. (eds.) ACM CCS 03: 10th Conference on Computer and Communications Security – ACM CCS 2003, pp. 155–164. ACM Press, October 2003

    Google Scholar 

  23. Leurent, G., Nguyen, P.Q.: How risky is the random-oracle model? In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 445–464. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_26

    Chapter  Google Scholar 

  24. Eikenberry, S.M., Sorenson, J.P.: Efficient algorithms for computing the Jacobi symbol. J. Symb. Comput. 26, 509–523 (1998)

    Article  MathSciNet  Google Scholar 

  25. Mironov, I., Stephens-Davidowitz, N.: Cryptographic reverse firewalls. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 657–686. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_22

    Chapter  Google Scholar 

  26. Ristenpart, T., Yilek, S.: When good randomness goes bad: virtual machine reset vulnerabilities and hedging deployed cryptography. In: ISOC Network and Distributed System Security Symposium - NDSS 2010. The Internet Society, February/March 2010

    Google Scholar 

  27. Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signature and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)

    Article  MathSciNet  Google Scholar 

  28. Schnorr, C.P.: Efficient identification and signatures for smart cards. In: Brassard, Gilles (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239–252. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_22

    Chapter  Google Scholar 

  29. Schridde, C., Freisleben, B.: On the validity of the phi-hiding assumption in cryptographic protocols. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 344–354. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89255-7_21

    Chapter  MATH  Google Scholar 

  30. Seurin, Y.: On the lossiness of the rabin trapdoor function. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 380–398. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54631-0_22

    Chapter  Google Scholar 

  31. Shacham, H.: Short unique signatures from RSA with a tight security reduction (in the random oracle model). In: 22nd Financial Cryptography and Data Security (2018)

    Google Scholar 

  32. Shallit, J., Sorenson, J.: A binary algorithm for the Jacobi symbol. ACM SIGSAM Bull. 27, 4–11 (1993)

    Article  Google Scholar 

  33. Shoup, V.: A Computational Introduction to Number Theory and Algebra. Cambridge University Press, New York (2009)

    MATH  Google Scholar 

  34. Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_7

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Stevens Institute of Technology, Hoboken, USA

    Giuseppe Ateniese

  2. Friedrich-Alexander-Universität Erlangen-Nürnberg, Erlangen, Germany

    Katharina Fech & Bernardo Magri

Authors
  1. Giuseppe Ateniese
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Katharina Fech
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bernardo Magri
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bernardo Magri .

Editor information

Editors and Affiliations

  1. Indian Statistical Institute, Kolkata, India

    Debrup Chakraborty

  2. Nagoya University, Nagoya, Japan

    Tetsu Iwata

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ateniese, G., Fech, K., Magri, B. (2018). A Family of FDH Signature Schemes Based on the Quadratic Residuosity Assumption. In: Chakraborty, D., Iwata, T. (eds) Progress in Cryptology – INDOCRYPT 2018. INDOCRYPT 2018. Lecture Notes in Computer Science(), vol 11356. Springer, Cham. https://doi.org/10.1007/978-3-030-05378-9_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-05378-9_14

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-05377-2

  • Online ISBN: 978-3-030-05378-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation