Skip to main content
SpringerLink
Log in

Impossibility on the Provable Security of the Fiat-Shamir-Type Signatures in the Non-programmable Random Oracle Model

  • Conference paper
  • First Online:
Information Security (ISC 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9866))

Included in the following conference series:

Abstract

On the security of Fiat-Shamir (FS) type signatures, some negative circumstantial evidences were given in the non-programmable random oracle model (NPROM). Fischlin and Fleischhacker first showed an impossibility for specific FS-type signatures via a single-instance reduction. In ISC 2015, Fukumitsu and Hasegawa found another conditions to prove such an impossibility, however their result requires a strong condition on a reduction, i.e. a key-preserving reduction. In this paper, we focus on a non-key-preserving reduction, and then we show that an FS-type signature cannot be proven to be secure in the NPROM via a sequentially multi-instance reduction from the security of the underlying ID scheme. Our result can be interpreted as a generalization of the two impossibility results introduced above.

By applying our impossibility result, the security incompatibility between the DL assumption and the security of the Schnorr signature in the NPROM via a sequentially multi-instance reduction can be shown. Our incompatibility result means that the security of the Schnorr signature is not likely to be proven in the NPROM.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Abdalla, M., An, J.H., Bellare, M., Namprempre, C.: From identification to signatures via the Fiat-Shamir transform: necessary and sufficient conditions for security and forward-security. IEEE Trans. Inf. Theor. 54(8), 3631–3646 (2008)

    Article  MathSciNet  MATH  Google Scholar 

  2. Abe, M., Groth, J., Ohkubo, M.: Separating short structure-preserving signatures from non-interactive assumptions. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 628–646. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  3. Abe, M., Haralambiev, K., Ohkubo, M.: Group to group commitments do not shrink. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 301–317. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  4. Bader, C., Jager, T., Li, Y., Schäge, S.: On the impossibility of tight cryptographic reductions. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 273–304. Springer, Heidelberg (2016). doi:10.1007/978-3-662-49896-5_10

    Chapter  Google Scholar 

  5. Baldimtsi, F., Lysyanskaya, A.: On the security of one-witness blind signature schemes. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 82–99. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  6. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: ACM CCS 1993, Fairfax, Virginia, USA, pp. 62–73. ACM Press, New York (1993)

    Google Scholar 

  7. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  8. Boneh, D., Venkatesan, R.: Breaking RSA may not be equivalent to factoring. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 59–71. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  9. Bresson, E., Monnerat, J., Vergnaud, D.: Separation results on the “One-More” computational problems. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 71–87. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  10. Chen, Y., Huang, Q., Zhang, Z.: Sakai-Ohgishi-Kasahara identity-based non-interactive key exchange scheme, revisited. In: Susilo, W., Mu, Y. (eds.) ACISP 2014. LNCS, vol. 8544, pp. 274–289. Springer, Heidelberg (2014)

    Google Scholar 

  11. Coron, J.-S.: Optimal security proofs for PSS and other signature schemes. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 272–287. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  12. Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)

    Chapter  Google Scholar 

  13. Fischlin, M., Fleischhacker, N.: Limitations of the meta-reduction technique: the case of Schnorr signatures. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 444–460. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  14. Fischlin, M., Lehmann, A., Ristenpart, T., Shrimpton, T., Stam, M., Tessaro, S.: Random oracles with(out) programmability. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 303–320. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  15. Fleischhacker, N., Jager, T., Schröder, D.: On tight security proofs for Schnorr signatures. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 512–531. Springer, Heidelberg (2014)

    Google Scholar 

  16. Fukumitsu, M., Hasegawa, S.: Black-box separations on Fiat-Shamir-type signatures in the non-programmable random oracle model. In: López, J., Mitchell, C.J. (eds.) ISC 2015. LNCS, vol. 9290, pp. 3–20. Springer, Heidelberg (2015)

    Chapter  Google Scholar 

  17. Fukumitsu, M., Hasegawa, S., Isobe, S., Koizumi, E., Shizuya, H.: Toward separating the strong adaptive pseudo-freeness from the strong RSA assumption. In: Boyd, C., Simpson, L. (eds.) ACISP. LNCS, vol. 7959, pp. 72–87. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  18. Fukumitsu, M., Hasegawa, S., Isobe, S., Shizuya, H.: On the impossibility of proving security of strong-RSA signatures via the RSA assumption. In: Susilo, W., Mu, Y. (eds.) ACISP 2014. LNCS, vol. 8544, pp. 290–305. Springer, Heidelberg (2014)

    Google Scholar 

  19. Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. 17(2), 281–308 (1988)

    Article  MathSciNet  MATH  Google Scholar 

  20. Guillou, L.C., Quisquater, J.-J.: A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 123–128. Springer, Heidelberg (1988)

    Chapter  Google Scholar 

  21. Katz, J., Wang, N.: Efficiency improvements for signature schemes with tight security reductions. In: ACM CCS 2003. pp. 155–164. ACM, New York (2003)

    Google Scholar 

  22. Kawai, Y., Sakai, Y., Kunihiro, N.: On the (im)possibility results for strong attack models for public key cryptsystems. JISIS 1(2/3), 125–139 (2011)

    Google Scholar 

  23. Nielsen, J.B.: Separating random oracle proofs from complexity theoretic proofs: the non-committing encryption case. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 111–126. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  24. Okamoto, T.: Provably secure and practical identification schemes and corresponding signature schemes. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 31–53. Springer, Heidelberg (1993)

    Chapter  Google Scholar 

  25. Paillier, P., Vergnaud, D.: Discrete-log-based signatures may not be equivalent to discrete log. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 1–20. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  26. Paillier, P., Villar, J.L.: Trading one-wayness against chosen-ciphertext security in factoring-based encryption. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 252–266. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  27. Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. J. Cryptology 13(3), 361–396 (2000)

    Article  MATH  Google Scholar 

  28. Schnorr, C.: Efficient signature generation by smart cards. J. Cryptology 4(3), 161–174 (1991)

    Article  MathSciNet  MATH  Google Scholar 

  29. Seurin, Y.: On the exact security of Schnorr-type signatures in the random oracle model. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 554–571. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  30. Shoup, V.: A proposal for an iso standard for public key encryption. Cryptology ePrint Archive, Report 2001/112 (2001). http://eprint.iacr.org/

  31. Zhang, J., Zhang, Z., Chen, Y., Guo, Y., Zhang, Z.: Black-box separations for one-more (static) CDH and its generalization. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014, Part II. LNCS, vol. 8874, pp. 366–385. Springer, Heidelberg (2014)

    Google Scholar 

  32. Zhang, Z., Chen, Y., Chow, S.S.M., Hanaoka, G., Cao, Z., Zhao, Y.: Black-box separations of hash-and-sign signatures in the non-programmable random oracle model. In: Au, M.-H., et al. (eds.) ProvSec 2015. LNCS, vol. 9451, pp. 435–454. Springer, Heidelberg (2015). doi:10.1007/978-3-319-26059-4_24

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Information Media, Hokkaido Information University, Nishi-Nopporo 59-2, Ebetsu, Hokkaido, 069-8585, Japan

    Masayuki Fukumitsu

  2. Graduate School of Information Sciences, Tohoku University, 41 Kawauchi, Aoba-ku, Sendai, Miyagi, 980-8576, Japan

    Shingo Hasegawa

Authors
  1. Masayuki Fukumitsu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shingo Hasegawa
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Masayuki Fukumitsu .

Editor information

Editors and Affiliations

  1. University of California , Davies, USA

    Matt Bishop

  2. University of Washington , Tacoma, Washington, USA

    Anderson C A Nascimento

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Fukumitsu, M., Hasegawa, S. (2016). Impossibility on the Provable Security of the Fiat-Shamir-Type Signatures in the Non-programmable Random Oracle Model. In: Bishop, M., Nascimento, A. (eds) Information Security. ISC 2016. Lecture Notes in Computer Science(), vol 9866. Springer, Cham. https://doi.org/10.1007/978-3-319-45871-7_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-45871-7_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-45870-0

  • Online ISBN: 978-3-319-45871-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation