Title :
Transitive signatures: new schemes and proofs
Author :
Bellare, Mihir ; Neven, Gregory
Author_Institution :
Dept. of Comput. Sci. & Eng., Univ. of California, La Jolla, CA, USA
fDate :
6/1/2005 12:00:00 AM
Abstract :
We present novel realizations of the transitive signature primitive introduced by Micali and Rivest, enlarging the set of assumptions on which this primitive can be based, and also providing performance improvements over existing schemes. More specifically, we propose new schemes based on factoring, the hardness of the one-more discrete logarithm problem, and gap Diffie-Hellman (DH) groups. All these schemes are proven transitively unforgeable under adaptive chosen-message attack in the standard (not random-oracle) model. We also provide an answer to an open question raised by Micali and Rivest regarding the security of their Rivest-Shamir-Adleman (RSA)-based scheme, showing that it is transitively unforgeable under adaptive chosen-message attack assuming the security of RSA under one-more inversion. We then present hash-based modifications of the RSA, factoring, and gap Diffie-Hellman based schemes that eliminate the need for "node certificates" and thereby yield shorter signatures. These modifications remain provably secure under the same assumptions as the starting scheme, in the random oracle model.
Keywords :
digital signatures; public key cryptography; telecommunication security; DH group; RSA generator; Rivest-Shamir-Adleman based scheme; adaptive chosen-message attack; cryptography; digital signature; discrete logarithm problem; gap Diffie-Hellman; hash-based modification; node certificate; standard model; transitive signature primitive; Computer science; Contracts; DH-HEMTs; Digital signatures; Forgery; Government; Privacy; Public key; Public key cryptography; Security; Cryptography; Rivest– Shamir–Adleman (RSA) generator; digital signatures; transitive signatures;
Journal_Title :
Information Theory, IEEE Transactions on
DOI :
10.1109/TIT.2005.847697
