Abstract
We ask whether the standard RSA assumption suffices to prove the security of strong-RSA-based (SRSA-based, for short) signatures. In this paper, we give negative circumstantial evidence for this question: several SRSA-based signatures cannot be proven sEUF-CMA (strongly existentially unforgeable under chosen-message attack), or even EUF-KOA (existentially unforgeable under key-only attack), under the RSA assumption, as long as only modulus-preserving algebraic reductions are considered. Our result is obtained as an important application of the adaptive pseudo-free group introduced by Catalano, Fiore and Warinschi, which can be regarded as an abstract framework for signatures. In fact, we show that the adaptive pseudo-freeness of the RSA group \(\mathbb{Z}_N^\times\) cannot be proven from the RSA assumption via such reductions.
References
Abe, M., Groth, J., Ohkubo, M.: Separating Short Structure-Preserving Signatures from Non-Interactive Assumptions. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 628–646. Springer, Heidelberg (2011)
Abe, M., Haralambiev, K., Ohkubo, M.: Group to Group Commitments Do Not Shrink. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 301–317. Springer, Heidelberg (2012)
Aggarwal, D., Maurer, U., Shparlinski, I.: The Equivalence of Strong RSA and Factoring in the Generic Ring Model of Computation. In: Augot, D., Canteaut, A. (eds.) WCC 2011, pp. 17–26 (2011)
Agrawal, M., Kayal, N., Saxena, N.: PRIMES Is in P. Annals of Mathematics 160(2), 781–793 (2004)
Barić, N., Pfitzmann, B.: Collision-Free Accumulators and Fail-Stop Signature Schemes Without Trees. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 480–494. Springer, Heidelberg (1997)
Bellare, M., Rogaway, P.: Random Oracles Are Practical: A Paradigm for Designing Efficient Protocols. In: ACM CCS 1993, Fairfax, Virginia, USA, pp. 62–73. ACM Press, New York (1993)
Boneh, D., Venkatesan, R.: Breaking RSA May Not Be Equivalent to Factoring. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 59–71. Springer, Heidelberg (1998)
Bresson, E., Monnerat, J., Vergnaud, D.: Separation Results on the “One-More” Computational Problems. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 71–87. Springer, Heidelberg (2008)
Camenisch, J., Lysyanskaya, A.: A Signature Scheme with Efficient Protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)
Catalano, D., Fiore, D., Warinschi, B.: Adaptive Pseudo-Free Groups and Applications. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 207–223. Springer, Heidelberg (2011)
Chevallier-Mames, B., Joye, M.: A Practical and Tightly Secure Signature Scheme Without Hash Function. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 339–356. Springer, Heidelberg (2006)
Cramer, R., Shoup, V.: Signature Schemes Based on the Strong RSA Assumption. In: ACM CCS 1999, Kent Ridge Digital Labs, Singapore, pp. 46–51. ACM Press, New York (1999)
Fischlin, M.: The Cramer-Shoup Strong-RSA Signature Scheme Revisited. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 116–129. Springer, Heidelberg (2002)
Fukumitsu, M., Hasegawa, S., Isobe, S., Koizumi, E., Shizuya, H.: Toward Separating the Strong Adaptive Pseudo-Freeness from the Strong RSA Assumption. In: Boyd, C., Simpson, L. (eds.) ACISP 2013. LNCS, vol. 7959, pp. 72–87. Springer, Heidelberg (2013)
Fukumitsu, M., Hasegawa, S., Isobe, S., Shizuya, H.: The RSA Group Is Adaptive Pseudo-Free under the RSA Assumption. IEICE Trans. Fundamentals, Special Section on Cryptography and Information Security E97-A(1), 200–214 (2014)
Fujisaki, E., Okamoto, T.: Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 16–30. Springer, Heidelberg (1997)
Garg, S., Bhaskar, R., Lokam, S.V.: Improved Bounds on Security Reductions for Discrete Log Based Signatures. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 93–107. Springer, Heidelberg (2008)
Gennaro, R., Halevi, S., Rabin, T.: Secure Hash-and-Sign Signatures Without the Random Oracle. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 123–139. Springer, Heidelberg (1999)
Goldwasser, S., Micali, S., Rivest, R.L.: A Digital Signature Scheme Secure against Adaptive Chosen-Message Attacks. SIAM Journal of Computing 17(2), 281–308 (1988)
Hanaoka, G., Matsuda, T., Schuldt, J.C.N.: On the Impossibility of Constructing Efficient Key Encapsulation and Programmable Hash Functions in Prime Order Groups. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 812–831. Springer, Heidelberg (2012)
Hasegawa, S., Isobe, S., Shizuya, H., Tashiro, K.: On the Pseudo-Freeness and the CDH Assumption. International Journal of Information Security 8(5), 347–355 (2009)
Hofheinz, D., Kiltz, E.: Programmable Hash Functions and Their Applications. J. Cryptology 25(3), 484–527 (2012)
Hohenberger, S., Waters, B.: Short and Stateless Signatures from the RSA Assumption. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 654–670. Springer, Heidelberg (2009)
Jhanwar, M.P., Barua, R.: Sampling from Signed Quadratic Residues: RSA Group Is Pseudofree. In: Roy, B., Sendrier, N. (eds.) INDOCRYPT 2009. LNCS, vol. 5922, pp. 233–247. Springer, Heidelberg (2009)
Joye, M.: How (Not) to Design Strong-RSA Signatures. Designs, Codes and Cryptography 59(1-3), 169–182 (2011)
Micciancio, D.: The RSA Group is Pseudo-Free. J. Cryptology 23(2), 169–186 (2010)
Naccache, D., Pointcheval, D., Stern, J.: Twin Signatures: An Alternative to the Hash-and-Sign Paradigm. In: ACM CCS 2001, Philadelphia, PA, USA, pp. 20–27. ACM Press, New York (1993)
Paillier, P., Vergnaud, D.: Discrete-Log-Based Signatures May Not Be Equivalent to Discrete Log. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 1–20. Springer, Heidelberg (2005)
Paillier, P., Villar, J.L.: Trading One-Wayness Against Chosen-Ciphertext Security in Factoring-Based Encryption. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 252–266. Springer, Heidelberg (2006)
Paillier, P.: Impossibility Proofs for RSA Signatures in the Standard Model. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 31–48. Springer, Heidelberg (2006)
Rivest, R.L.: On the Notion of Pseudo-Free Groups. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 505–521. Springer, Heidelberg (2004)
Schäge, S.: Twin Signature Schemes, Revisited. In: Pieprzyk, J., Zhang, F. (eds.) ProvSec 2009. LNCS, vol. 5848, pp. 104–117. Springer, Heidelberg (2009)
Schäge, S.: Tight Proofs for Signature Schemes without Random Oracles. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 189–206. Springer, Heidelberg (2011)
Seurin, Y.: On the Exact Security of Schnorr-Type Signatures in the Random Oracle Model. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 554–571. Springer, Heidelberg (2012)
Shamir, A.: On the Generation of Cryptographically Strong Pseudorandom Sequences. ACM Trans. on Computer Systems 1(1), 38–44 (1983)
Villar, J.L.: Optimal Reductions of Some Decisional Problems to the Rank Problem. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 80–97. Springer, Heidelberg (2012)
Zhu, H.: New Digital Signature Scheme Attaining Immunity to Adaptive Chosen-Message Attack. Chinese Journal of Electronics 10(4), 484–486 (2001)
Zhu, H.: A Formal Proof of Zhu’s Signature Scheme. Cryptology ePrint Archive, Report 2003/155 (2003), http://eprint.iacr.org/
© 2014 Springer International Publishing Switzerland
Cite this paper
Fukumitsu, M., Hasegawa, S., Isobe, S., Shizuya, H. (2014). On the Impossibility of Proving Security of Strong-RSA Signatures via the RSA Assumption. In: Susilo, W., Mu, Y. (eds) Information Security and Privacy. ACISP 2014. Lecture Notes in Computer Science, vol 8544. Springer, Cham. https://doi.org/10.1007/978-3-319-08344-5_19
DOI: https://doi.org/10.1007/978-3-319-08344-5_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-08343-8
Online ISBN: 978-3-319-08344-5