A Fully Adaptively Secure Threshold Signature Scheme Based on Dual-Form Signatures Technology

In t , n threshold signature schemes, any subset of t participants out of n can produce a valid signature, but any fewer than t participants cannot. Meanwhile, a threshold signature scheme should remain robust and unforgeable against up to t − 1 corrupted participants. This nonforgeability property is that even an adversary breaking into up to t − 1 participants should be unable to generate signatures on its own. Existential unforgeability against adaptive chosen message attacks is widely considered as a standard security notion for digital signature, and threshold signature should also follow this accordingly. However, there are two special attack models in a threshold signature scheme: one is the static corruption attack and the other is the adaptive corruption attack. Since the adaptive corruption model appears to better capture real threats, designing and proving threshold signature schemes secure in the adaptive corruption model has been focused on in recent years. If a threshold signature is secure under adaptive chosen message attack and adaptive corruption attack, we say it is fully adaptively secure. In this paper, based on the dual pairing vector spaces technology, we construct a threshold signature scheme and use Gerbush et al.’s dual-form signatures technology to prove our scheme, which is fully adaptively secure in the standard model, and then compare it to other schemes in terms of the efficiency and computation.

Download Full-text

Digital signature schemes with strong existential unforgeability

F1000Research ◽

10.12688/f1000research.72910.1 ◽

2021 ◽

Vol 10 ◽

pp. 931

Author(s):

Jason Chia ◽

Ji-Jian Chin ◽

Sook-Chin Yip

Keyword(s):

Digital Signature ◽

Research Community ◽

Security Model ◽

Signature Schemes ◽

Future Directions ◽

Future Design ◽

Design Considerations ◽

Identity Based ◽

Chosen Message Attack ◽

Security Notion

Digital signature schemes (DSS) are ubiquitously used for public authentication in the infrastructure of the internet, in addition to their use as a cryptographic tool to construct even more sophisticated schemes such as those that are identity-based. The security of DSS is analyzed through the existential unforgeability under chosen message attack (EUF-CMA) experiment which promises unforgeability of signatures on new messages even when the attacker has access to an arbitrary set of messages and their corresponding signatures. However, the EUF-CMA model does not account for attacks such as an attacker forging a different signature on an existing message, even though the attack could be devastating in the real world and constitutes a severe breach of the security system. Nonetheless, most of the DSS are not analyzed in this security model, which possibly makes them vulnerable to such an attack. In contrast, a better security notion known as strong EUF-CMA (sEUF-CMA) is designed to be resistant to such attacks. This review aims to identify DSS in the literature that are secure in the sEUF-CMA model. In addition, the article discusses the challenges and future directions of DSS. In our review, we consider the security of existing DSS that fit our criterion in the sEUF-CMA model; our criterion is simple as we only require the DSS to be at least secure against the minimum of existential forgery. Our findings are categorized into two classes: the direct and indirect classes of sEUF-CMA. The former is inherently sEUF-CMA without any modification while the latter requires some transformation. Our comprehensive review contributes to the security and cryptographic research community by discussing the efficiency and security of DSS that are sEUF-CMA, which aids in selecting robust DSS in future design considerations.

Download Full-text

Post-quantum digital signature schemes: setting a hidden group with two-dimensional cyclicity

Informatization and communication ◽

10.34219/2078-8320-2020-11-4-75-82 ◽

2020 ◽

Vol 4 ◽

pp. 75-82

Author(s):

D.Yu. Guryanov ◽

◽

D.N. Moldovyan ◽

A. A. Moldovyan ◽

Keyword(s):

Associative Algebra ◽

Digital Signature ◽

Quantum Signature ◽

Commutative Group ◽

Two Dimensional ◽

Signature Scheme ◽

Signature Schemes ◽

Fixed Element ◽

Commutative Associative Algebra ◽

Quantum Digital Signature

For the construction of post-quantum digital signature schemes that satisfy the strengthened criterion of resistance to quantum attacks, an algebraic carrier is proposed that allows one to define a hidden commutative group with two-dimensional cyclicity. Formulas are obtained that describe the set of elements that are permutable with a given fixed element. A post-quantum signature scheme based on the considered finite non-commutative associative algebra is described.

Download Full-text

Xây dựng lược đồ chữ ký số an toàn từ các lược đồ định danh

Journal of Science and Technology on Information security ◽

10.54654/isj.v8i2.30 ◽

2020 ◽

Vol 8 (2) ◽

pp. 27-33

Author(s):

Võ Đình Linh

Keyword(s):

Digital Signature ◽

Necessary Conditions ◽

Sufficient Condition ◽

Signature Scheme ◽

Identification Scheme ◽

Identification Schemes ◽

Digital Signature Scheme ◽

Chosen Message Attack

Tóm tắt— Trong tài liệu [3], khi trình bày về phương pháp xây dựng lược đồ chữ ký số dựa trên các lược đồ định danh chính tắc nhờ phép biến đổi Fiat-Shamir, tác giả đã chỉ ra “điều kiện đủ” để nhận được một lược đồ chữ ký số an toàn dưới tấn công sử dụng thông điệp được lựa chọn thích nghi là lược đồ định danh chính tắc phải an toàn dưới tấn công bị động. Tuy nhiên, tác giả của [3] chưa chỉ ra “điều kiện cần” đối với các lược đồ định danh chính tắc nhằm đảm bảo tính an toàn cho lược đồ chữ ký số được xây dựng. Do đó, trong bài báo này, chúng tôi hoàn thiện kết quả của [3] bằng việc chỉ ra điều kiện đủ đó cũng chính là điều kiện cần.Abstract— In [3], the author shows that, in order to the digital signature scheme Π' resulting from the Fiat-Shamir transform applied to a canonical identification scheme Π is existentially unforgeable under chosen-message attack then a “sufficient” condition is that the scheme Π has to be secure against a passive attack. However, the author of [3] has not shown the “necessary” conditions for the canonical identification schemes to ensure security of the digital signature scheme Π'. In this paper, we complete this result by showing that sufficient condition is also necessary.

Download Full-text

A Blind Proxy Re-Signatures Scheme Based on Random Oracle

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.204-210.1062 ◽

2011 ◽

Vol 204-210 ◽

pp. 1062-1065 ◽

Cited By ~ 2

Author(s):

Yu Qiao Deng

Keyword(s):

Digital Signature ◽

Digital Signatures ◽

Random Oracle ◽

Proxy Signature ◽

Public Key ◽

Signature Scheme ◽

Signature Schemes

Digital signature schemes allow a signer to transform any message into a signed message, such that anyone can verify the validity of the signed message using the signer’s public key, but only the signer can generate signed messages. A proxy re-signature, which is a type of digital signatures, has significant applications in many areas. Proxy signature scheme was first introduced by Blaze, Bleumer, and Strauss, but that scheme is inefficient and with limited features. After that, some Proxy re-signature schemes were proposed by researchers. This paper constructs a blind proxy re-signatures scheme. Comparing to the previous proxy re-signature schemes, the scheme adds a message blinded feature, and then the security of the scheme is proven.

Download Full-text

Time of signing in the Estonian digital signature scheme

Digital Evidence and Electronic Signature Law Review ◽

10.14296/deeslr.v16i0.5076 ◽

2019 ◽

pp. 40-50

Author(s):

Tõnu Mets ◽

Arnis Parsovs

Keyword(s):

European Union ◽

Digital Signature ◽

Digital Signatures ◽

Signature Scheme ◽

Signature Schemes ◽

Electronic Documents ◽

Legal Requirement ◽

The Public ◽

Digital Signature Scheme ◽

Legal Consequences

There is a widespread misconception among some lawyers, technologists and the public that the Estonian digital signature scheme provides reliable proof of the time when a document was digitally signed. In this article Tõnu Mets and Arnis Parsovs show that the legal requirement to establish the time of signing is not met in practice. The related legal requirement that the validation of the digital signature should confirm that the certificate was valid at the time of signing is also not met. The authors analyse the legal consequences of this, and discuss possible solutions for the issues that arise. They note that digital signature schemes used in other countries implementing Regulation (EU) No 910/2014 of the European Parliament and the Council of 23 July 2014 (eIDAS) are likely to share the problems discussed in this article. Index words: Estonia, European Union, Digital signatures, Electronic documents

Download Full-text

Strongly Unforgeable Ring Signature Scheme from Lattices in the Standard Model

Journal of Applied Mathematics ◽

10.1155/2014/371924 ◽

2014 ◽

Vol 2014 ◽

pp. 1-12

Author(s):

Geontae Noh ◽

Ji Young Chun ◽

Ik Rae Jeong

Keyword(s):

Standard Model ◽

Signature Scheme ◽

Signature Schemes ◽

Ring Signature ◽

Arbitrary Ring ◽

Computational Overhead ◽

The Standard Model ◽

First Time ◽

Strong Unforgeability

In a ring signature scheme, a user selects an arbitrary ring to be able to sign a message on behalf of the ring without revealing the signer’s identity. Whistle-blowers especially find this useful. To date, various ring signature schemes have been proposed, all considered to be secure as existentially unforgeable with respect to insider corruption; that is, an adversary who chooses ring-message pairs for which he requests signatures, corrupts honest users, and obtains their signing keys can not produce forgeries for new ring-message pairs. Lattice-based ring signature schemes offer lower computational overhead and security from quantum attacks. In this paper, we offer a lattice-based scheme. We begin by showing that the existing ring signature schemes are not sufficiently secure, because existential unforgeability still permits a signer to potentially produce a new signature on previously signed messages. Furthermore, we show that existing ring signature schemes from lattices are not even existentially unforgeable with respect to insider corruption. We then improve previous schemes by applying, for the first time, the concept of strong unforgeability with respect to insider corruption to a ring signature scheme in lattices. This offers more security than any previous ring signature scheme: adversaries cannot produce new signatures for any ring-message pair, including previously signed ring-message pairs.

Download Full-text

A Lattice-Based Identity-Based Proxy Blind Signature Scheme in the Standard Model

Mathematical Problems in Engineering ◽

10.1155/2014/307637 ◽

2014 ◽

Vol 2014 ◽

pp. 1-6 ◽

Cited By ~ 8

Author(s):

Lili Zhang ◽

Yanqin Ma

Keyword(s):

Number Theory ◽

Standard Model ◽

Blind Signature ◽

Signature Scheme ◽

Signature Schemes ◽

Proxy Blind Signature ◽

The Standard Model ◽

Identity Based ◽

Lattice Based Cryptography ◽

Solution Problem

A proxy blind signature scheme is a special form of blind signature which allowed a designated person called proxy signer to sign on behalf of original signers without knowing the content of the message. It combines the advantages of proxy signature and blind signature. Up to date, most proxy blind signature schemes rely on hard number theory problems, discrete logarithm, and bilinear pairings. Unfortunately, the above underlying number theory problems will be solvable in the postquantum era. Lattice-based cryptography is enjoying great interest these days, due to implementation simplicity and provable security reductions. Moreover, lattice-based cryptography is believed to be hard even for quantum computers. In this paper, we present a new identity-based proxy blind signature scheme from lattices without random oracles. The new scheme is proven to be strongly unforgeable under the standard hardness assumption of the short integer solution problem (SIS) and the inhomogeneous small integer solution problem (ISIS). Furthermore, the secret key size and the signature length of our scheme are invariant and much shorter than those of the previous lattice-based proxy blind signature schemes. To the best of our knowledge, our construction is the first short lattice-based identity-based proxy blind signature scheme in the standard model.

Download Full-text

Anr-Hiding Revocable Group Signature Scheme: Group Signatures with the Property of Hiding the Number of Revoked Users

Journal of Applied Mathematics ◽

10.1155/2014/983040 ◽

2014 ◽

Vol 2014 ◽

pp. 1-14 ◽

Cited By ~ 6

Author(s):

Keita Emura ◽

Atsuko Miyaji ◽

Kazumasa Omote

Keyword(s):

Negative Information ◽

Displaced Workers ◽

Group Signature ◽

Signature Scheme ◽

Signature Schemes ◽

Group Signatures ◽

A Company ◽

Security Notion

If there are many displaced workers in a company, then a person who goes for job hunting might not select this company. That is, the number of members who quit is quite negative information. Similarly, in revocable group signature schemes, if one knows (or guesses) the number of revoked users (sayr), then one may guess the reason behind such circumstances, and it may lead to harmful rumors. However, no previous revocation procedure can achieve hidingr. In this paper, we propose the first revocable group signature scheme, whereris kept hidden, which we callr-hiding revocable group signature. To handle this property, we newly define the security notion called anonymity with respect to the revocation which guarantees the unlinkability of revoked users.

Download Full-text

Digital Signatures in a Quantum World: Evaluating The Trade-off Between Performance and Security for GeMSS

10.5753/wrac.2019.14034 ◽

2019 ◽

Author(s):

Paulo Ricardo Reis ◽

Fábio Borges

Keyword(s):

Quantum Computing ◽

Digital Signature ◽

Quantum Computer ◽

Signature Scheme ◽

Signature Schemes ◽

Trade Off ◽

Signature Generation ◽

Security Parameter ◽

Verification Process ◽

Definition Of

With the advent of quantum computing, it urges the deﬁnition of a cryptographic standard algorithm that can resist attacks from a quantum computer. Inside this context is GeMSS, a multivariate quadratic signature scheme based on the HFEvconstruct. Schemes of this type have shown great potential throughout the last two decades. This paper traces a comparison of performance and security between GeMSS and other relevant digital signature schemes, showing that despite of its slow signature generation and large key pair, it has a very quick veriﬁcation process and tiny signatures. It also proposes a method for deriving the size of keys from the security parameter evaluated.

Download Full-text

Convertible Undeniable Signatures

DAIMI Report Series ◽

10.7146/dpb.v19i330.6719 ◽

1990 ◽

Vol 19 (330) ◽

Cited By ~ 2

Author(s):

Joan Boyar ◽

David Chaum ◽

Ivan Bjerre Damgård ◽

Torben Pryds Pedersen

Keyword(s):

Digital Signature ◽

Digital Signatures ◽

Signature Scheme ◽

Signature Schemes ◽

Added Benefit ◽

Undeniable Signature

<p>We introduce a new concept called convertible undeniable signature schemes.</p><p>In these schemes, release of a single bit string by the signer turns all of his signatures, which were originally undeniable signatures, into ordinary digital signatures. We prove that the existence of such schemes is implied by the existence of digital signature schemes. Then, looking at the problem more practically, we present a very efficient convertible undeniable signature scheme. This scheme has the added benefit that signatures can also be selectively converted.</p>

Download Full-text