The search functionality is under construction.

The search functionality is under construction.

Unforgeability of digital signatures is closely related to the security of hash functions since hashing messages, such as *hash-and-sign* paradigm, is necessary in order to sign (arbitrarily) long messages. Recent successful collision finding attacks against practical hash functions would indicate that constructing practical collision resistant hash functions is difficult to achieve. Thus, it is worth considering to relax the requirement of collision resistance for hash functions that is used to hash messages in signature schemes. Currently, the most efficient strongly unforgeable signature scheme in the standard model which is based on the CDH assumption (in bilinear groups) is the Boneh-Shen-Waters (BSW) signature proposed in 2006. In their scheme, however, a collision resistant hash function is necessary to prove its security. In this paper, we construct a signature scheme which has the same properties as the BSW scheme but does not rely on collision resistant hash functions. Instead, we use a target collision resistant hash function, which is a strictly weaker primitive than a collision resistant hash function. Our scheme is, in terms of the signature size and the computational cost, as efficient as the BSW scheme.

- Publication
- IEICE TRANSACTIONS on Information Vol.E91-D No.5 pp.1466-1476

- Publication Date
- 2008/05/01

- Publicized

- Online ISSN
- 1745-1361

- DOI
- 10.1093/ietisy/e91-d.5.1466

- Type of Manuscript
- Special Section PAPER (Special Section on Information and Communication System Security)

- Category
- Cryptographic Techniques

The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.

Copy

Takahiro MATSUDA, Nuttapong ATTRAPADUNG, Goichiro HANAOKA, Kanta MATSUURA, Hideki IMAI, "A Strongly Unforgeable Signature under the CDH Assumption without Collision Resistant Hash Functions" in IEICE TRANSACTIONS on Information,
vol. E91-D, no. 5, pp. 1466-1476, May 2008, doi: 10.1093/ietisy/e91-d.5.1466.

Abstract: Unforgeability of digital signatures is closely related to the security of hash functions since hashing messages, such as *hash-and-sign* paradigm, is necessary in order to sign (arbitrarily) long messages. Recent successful collision finding attacks against practical hash functions would indicate that constructing practical collision resistant hash functions is difficult to achieve. Thus, it is worth considering to relax the requirement of collision resistance for hash functions that is used to hash messages in signature schemes. Currently, the most efficient strongly unforgeable signature scheme in the standard model which is based on the CDH assumption (in bilinear groups) is the Boneh-Shen-Waters (BSW) signature proposed in 2006. In their scheme, however, a collision resistant hash function is necessary to prove its security. In this paper, we construct a signature scheme which has the same properties as the BSW scheme but does not rely on collision resistant hash functions. Instead, we use a target collision resistant hash function, which is a strictly weaker primitive than a collision resistant hash function. Our scheme is, in terms of the signature size and the computational cost, as efficient as the BSW scheme.

URL: https://global.ieice.org/en_transactions/information/10.1093/ietisy/e91-d.5.1466/_p

Copy

@ARTICLE{e91-d_5_1466,

author={Takahiro MATSUDA, Nuttapong ATTRAPADUNG, Goichiro HANAOKA, Kanta MATSUURA, Hideki IMAI, },

journal={IEICE TRANSACTIONS on Information},

title={A Strongly Unforgeable Signature under the CDH Assumption without Collision Resistant Hash Functions},

year={2008},

volume={E91-D},

number={5},

pages={1466-1476},

abstract={Unforgeability of digital signatures is closely related to the security of hash functions since hashing messages, such as *hash-and-sign* paradigm, is necessary in order to sign (arbitrarily) long messages. Recent successful collision finding attacks against practical hash functions would indicate that constructing practical collision resistant hash functions is difficult to achieve. Thus, it is worth considering to relax the requirement of collision resistance for hash functions that is used to hash messages in signature schemes. Currently, the most efficient strongly unforgeable signature scheme in the standard model which is based on the CDH assumption (in bilinear groups) is the Boneh-Shen-Waters (BSW) signature proposed in 2006. In their scheme, however, a collision resistant hash function is necessary to prove its security. In this paper, we construct a signature scheme which has the same properties as the BSW scheme but does not rely on collision resistant hash functions. Instead, we use a target collision resistant hash function, which is a strictly weaker primitive than a collision resistant hash function. Our scheme is, in terms of the signature size and the computational cost, as efficient as the BSW scheme.},

keywords={},

doi={10.1093/ietisy/e91-d.5.1466},

ISSN={1745-1361},

month={May},}

Copy

TY - JOUR

TI - A Strongly Unforgeable Signature under the CDH Assumption without Collision Resistant Hash Functions

T2 - IEICE TRANSACTIONS on Information

SP - 1466

EP - 1476

AU - Takahiro MATSUDA

AU - Nuttapong ATTRAPADUNG

AU - Goichiro HANAOKA

AU - Kanta MATSUURA

AU - Hideki IMAI

PY - 2008

DO - 10.1093/ietisy/e91-d.5.1466

JO - IEICE TRANSACTIONS on Information

SN - 1745-1361

VL - E91-D

IS - 5

JA - IEICE TRANSACTIONS on Information

Y1 - May 2008

AB - Unforgeability of digital signatures is closely related to the security of hash functions since hashing messages, such as *hash-and-sign* paradigm, is necessary in order to sign (arbitrarily) long messages. Recent successful collision finding attacks against practical hash functions would indicate that constructing practical collision resistant hash functions is difficult to achieve. Thus, it is worth considering to relax the requirement of collision resistance for hash functions that is used to hash messages in signature schemes. Currently, the most efficient strongly unforgeable signature scheme in the standard model which is based on the CDH assumption (in bilinear groups) is the Boneh-Shen-Waters (BSW) signature proposed in 2006. In their scheme, however, a collision resistant hash function is necessary to prove its security. In this paper, we construct a signature scheme which has the same properties as the BSW scheme but does not rely on collision resistant hash functions. Instead, we use a target collision resistant hash function, which is a strictly weaker primitive than a collision resistant hash function. Our scheme is, in terms of the signature size and the computational cost, as efficient as the BSW scheme.

ER -