HORSIC+: An Efficient Post-Quantum Few-Time Signature Scheme

It is well known that conventional digital signature algorithms such as RSA and ECDSA are vulnerable to quantum computing attacks. Hash-based signature schemes are attractive as post-quantum signature schemes in that it is possible to calculate the quantitative security level and the security is proven. SPHINCS is a stateless hash-based signature scheme and introduces HORST few-time signature scheme which is an improvement of HORS. However, HORST as well as HORS suffers from pretty large signature sizes. HORSIC is proposed to reduce the signature size, yet does not provide in-depth security analysis. In this paper, we propose HORSIC+, which is an improvement of HORSIC. HORSIC+ differs from HORSIC in that HORSIC+ does not apply f as a plain function to the signature key, but uses a member of a function family. In addition, HORSIC+ uses the chaining function similar to W-OTS+. These enable the strict security proof without the need for the used function family to be a permutation or collision resistant. HORSIC+ is existentially unforgeable under chosen message attacks, assuming a second-preimage resistant family of undetectable one-way functions and cryptographic hash functions in the random oracle model. HORSIC+ reduces the signature size by as much as 37.5% or 18.75% compared to HORS and by as much as 61.5% or 45.8% compared to HORST for the same security level.

Download Full-text

Security of signature schemes in the presence of key-dependent messages

Tatra Mountains Mathematical Publications ◽

10.2478/v10127-010-0029-2 ◽

2010 ◽

Vol 47 (1) ◽

pp. 15-29

Author(s):

Madeline González Muñiz ◽

Rainer Steinwndt

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Signature Scheme ◽

Forward Security ◽

Signature Schemes ◽

Encryption Schemes ◽

Time Signature ◽

Made In

Abstract In recent years, quite some progress has been made in understand- ing the security of encryption schemes in the presence of key-dependent plaintexts. Here, we motivate and explore the security of a setting, where an adversary against a signature scheme can access signatures on key-dependent messages. We propose a way to formalize the security of signature schemes in the pres- ence of key-dependent signatures (KDS). It turns out that the situation is quite different from key-dependent encryption: already to achieve KDS-security under non-adaptive chosen message attacks, the use of a stateful signing algorithm is inevitable-even in the random oracle model. After discussing the connection be- tween key-dependent signing and forward security, we present a compiler to lift any EUF-CMA secure one-time signature scheme to a forward secure signature scheme offering KDS-CMA security.

Download Full-text

A Tag-Based Signature Scheme with Shorter Signature Length

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.571-572.69 ◽

2014 ◽

Vol 571-572 ◽

pp. 69-73

Author(s):

Xiu Hua Lu ◽

Jie Fang

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Signature Scheme ◽

Signature Schemes ◽

Security Proof ◽

Fixed Dimension ◽

Aggregation Techniques ◽

Original Scheme ◽

Lattice Based Cryptography ◽

Half Length

Florian Böhl et al. introduced tag-based signature schemes in 2013. We focus on their SIS-based tag-based signature scheme in lattice-based cryptography. Without aggregation techniques in lattice-based signatures, their tag-based signature has long signature length. We use the technique of lattice basis delegation with fixed dimension to shorten the signature length. Compared with the original scheme, our scheme’s signature is one-half length, at the price of security proof in the random oracle model.

Download Full-text

Provable Security of The Generalized ElGamal Signature Scheme

Journal of Mathematics Research ◽

10.5539/jmr.v11n6p77 ◽

2019 ◽

Vol 11 (6) ◽

pp. 77 ◽

Cited By ~ 1

Author(s):

Demba Sow ◽

Mamadou Ghouraissiou Camara

Keyword(s):

Provable Security ◽

Random Oracle Model ◽

Random Oracle ◽

Signature Scheme ◽

Signature Schemes ◽

Security Proof ◽

New Variant ◽

Elgamal Signature

A new variant of the ElGamal signature scheme called "a Generalized ElGamal signature scheme" is proposed in 2011. The Generalized ElGamal signature scheme is a modified ElGamal signature scheme. In this paper, we propose the security proof of the Generalized ElGamal signature scheme in the random oracle model. First, we recall some security notions of signature schemes and show the security of the modified ElGamal Signature scheme.

Download Full-text

Secure and Efficient Certificateless Signature and Blind Signature Scheme from Pairings

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.457-458.1262 ◽

2013 ◽

Vol 457-458 ◽

pp. 1262-1265

Author(s):

Min Qin Chen ◽

Qiao Yan Wen ◽

Zheng Ping Jin ◽

Hua Zhang

Keyword(s):

Random Oracle Model ◽

Public Key Cryptography ◽

Random Oracle ◽

Blind Signature ◽

Public Key ◽

Signature Scheme ◽

Signature Schemes ◽

Diffie Hellman ◽

Identity Based ◽

Certificateless Signature

Based an identity-based signature scheme, we givea certificateless signature scheme. And then we propose a certificateless blind signature (CLBS) scheme in this paper. This schemeis more efficient than those of previous schemes by pre-computing the pairing e (P, P)=g. Based on CL-PKC, it eliminates theusing of certificates in the signature scheme with respect to thetraditional public key cryptography (PKC) and solves key escrowproblems in ID-based signature schemes. Meanwhile it retains themerits of BS schemes. The proposed CLBS scheme is existentialunforgeable in the random oracle model under the intractabilityof the q-Strong Diffie-Hellman problem.

Download Full-text

Provably Secure Lattice-Based Self-Certified Signature Scheme

Security and Communication Networks ◽

10.1155/2021/2459628 ◽

2021 ◽

Vol 2021 ◽

pp. 1-9

Author(s):

Qiang Yang ◽

Daofeng Li

Keyword(s):

Computational Cost ◽

Random Oracle Model ◽

Random Oracle ◽

Public Key ◽

Communication Overhead ◽

Small Integer ◽

Signature Scheme ◽

Signature Schemes ◽

The Public ◽

Security Technologies

Digital signatures are crucial network security technologies. However, in traditional public key signature schemes, the certificate management is complicated and the schemes are vulnerable to public key replacement attacks. In order to solve the problems, in this paper, we propose a self-certified signature scheme over lattice. Using the self-certified public key, our scheme allows a user to certify the public key without an extra certificate. It can reduce the communication overhead and computational cost of the signature scheme. Moreover, the lattice helps prevent quantum computing attacks. Then, based on the small integer solution problem, our scheme is provable secure in the random oracle model. Furthermore, compared with the previous self-certified signature schemes, our scheme is more secure.

Download Full-text

On the General Construction of Tightly Secure Identity-Based Signature Schemes

The Computer Journal ◽

10.1093/comjnl/bxaa011 ◽

2020 ◽

Vol 63 (12) ◽

pp. 1835-1848

Author(s):

Ge Wu ◽

Zhen Zhao ◽

Fuchun Guo ◽

Willy Susilo ◽

Futai Zhang

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

General Construction ◽

Security Level ◽

Signature Schemes ◽

Small Constant ◽

Security Parameter ◽

Cryptographic Primitive ◽

Identity Based ◽

Tight Security

Abstract A tightly secure scheme has a reduction, where the reduction loss is a small constant. Identity-based signature (IBS) is an important cryptographic primitive, and tightly secure IBS schemes enjoy the advantage that the security parameter can be optimal to achieve a certain security level. General constructions of IBS schemes (Bellare, M., Namprempre, C., and Neven, G. (2004) Security Proofs for Identity-Based Identification and Signature Schemes. In Proc. EUROCRYPT 2004, May 2–6, pp. 268–286. Springer, Berlin, Interlaken, Switzerland; Galindo, D., Herranz, J., and Kiltz, E. (2006) On the Generic Construction of Identity-Based Signatures With Additional Properties. In Proceedings of ASIACRYPT 2006, December 3–7, pp. 178–193. Springer, Berlin, Shanghai, China) and their security have been extensively studied. However, the security is not tight and how to generally construct a tightly secure IBS scheme remains unknown. In this paper, we concentrate on the general constructions of IBS schemes. We first take an insight into previous constructions and analyze the reason why it cannot achieve tight security. To further study possible tightly secure constructions, we propose another general construction, which could be seen as a different framework of IBS schemes. Our construction requires two traditional signature schemes, whereas the construction by Bellare et al. uses one scheme in a two-round iteration. There are no additional operations in our general construction. Its main advantage is providing the possibility of achieving tight security for IBS schemes in the random oracle model. Combining two known signature schemes, we present an efficient IBS scheme with tight security as an example.

Download Full-text

New Signature and Multi-Signature Schemes with Tight Security Reduction Based on D-DDH Problem

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.263-266.3052 ◽

2012 ◽

Vol 263-266 ◽

pp. 3052-3059

Author(s):

Ze Cheng Wang

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Signature Scheme ◽

Signature Schemes ◽

Main Method ◽

Discrete Logarithms ◽

Diffie Hellman ◽

Intractable Problem ◽

Tight Security

Based on the newly introduced d-decisional Diffie-Hellman (d-DDH) intractable problem, a signature scheme and a multi-signature scheme are proposed. The main method in the constructions is a transformation of a knowledge proof on the equality of two discrete logarithms. The two schemes are proved secure in the random oracle model and the security reductions to the d-DDH problem are tight. Moreover, one can select different d for different security demand of applications. Thus the schemes are secure, efficient and practical.

Download Full-text

Security Analysis of a Certificateless Signature from Lattices

Security and Communication Networks ◽

10.1155/2017/3413567 ◽

2017 ◽

Vol 2017 ◽

pp. 1-7

Author(s):

Seunghwan Chang ◽

Hyang-Sook Lee ◽

Juhee Lee ◽

Seongan Lim

Keyword(s):

Hash Function ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Strong Type ◽

Security Proof ◽

Forking Lemma ◽

Certificateless Signature ◽

Adversarial Model

Tian and Huang proposed a lattice-based CLS scheme based on the hardness of the SIS problem and proved, in the random oracle model, that the scheme is existentially unforgeable against strong adversaries. Their security proof uses the general forking lemma under the assumption that the underlying hash function H is a random oracle. We show that the hash function in the scheme is neither one-way nor collision-resistant in the view of a strong Type 1 adversary. We point out flaws in the security arguments and present attack algorithms that are successful in the strong Type 1 adversarial model using the weak properties of the hash function.

Download Full-text

A Provably Secure ID-Based Designated Verifier Proxy Signature Scheme Based on DLP

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.411-414.721 ◽

2013 ◽

Vol 411-414 ◽

pp. 721-724 ◽

Cited By ~ 1

Author(s):

Bao Dian Wei

Keyword(s):

Discrete Logarithm ◽

Random Oracle Model ◽

Random Oracle ◽

Proxy Signature ◽

Signature Scheme ◽

Signature Schemes ◽

The Common ◽

Designated Verifier ◽

Provably Secure

Most of the existing ID-based designated verifier proxy signature schemes are implemented with pairings. The computation of parings is still much more expensive than the common modular multiplications and exponentiations. To obtain better efficiency, we construct an efficient ID-based DVPS scheme without pairings. The scheme is designed based on the hardness of the discrete logarithm problems. It is proven secure against adaptively chosen message attacks, in the random oracle model.

Download Full-text

Linkable Ring Signature Scheme Using Biometric Cryptosystem and NIZK and Its Application

Security and Communication Networks ◽

10.1155/2021/7266564 ◽

2021 ◽

Vol 2021 ◽

pp. 1-14

Author(s):

Xuechun Mao ◽

Lin You ◽

Chengtang Cao ◽

Gengran Hu ◽

Liqin Hu

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Identity Authentication ◽

Signature Scheme ◽

Secret Key ◽

Ring Signature ◽

Transaction Model ◽

Security Proof ◽

Biometric Encryption ◽

Biometric Cryptosystem

Biometric encryption, especially based on fingerprint, plays an important role in privacy protection and identity authentication. In this paper, we construct a privacy-preserving linkable ring signature scheme. In our scheme, we utilize a fuzzy symmetric encryption scheme called symmetric keyring encryption (SKE) to hide the secret key and use non-interactive zero-knowledge (NIZK) protocol to ensure that we do not leak any information about the message. Unlike the blind signature, we use NIZK protocol to cancel the interaction between the signer (the prover) and the verifier. The security proof shows that our scheme is secure under the random oracle model. Finally, we implement it on a personal computer and analyze the performance of the constructed scheme in practical terms. Based on the constructed scheme and demo, we give an anonymous cryptocurrency transaction model as well as mobile demonstration.

Download Full-text