A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks

@article{Goldwasser1988ADS,
  title={A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks},
  author={Shafi Goldwasser and Silvio Micali and Ronald L. Rivest},
  journal={SIAM J. Comput.},
  year={1988},
  volume={17},
  pages={281-308},
  url={https://api.semanticscholar.org/CorpusID:1715998}
}
A digital signature scheme based on the computational difficulty of integer factorization possesses the novel property of being robust against an adaptive chosen-message attack: an adversary who receives signatures for messages of his choice cannot later forge the signature of even a single additional message.
View via Publisher
csee.wvu.edu
2,990 Citations
Highly Influential Citations
202
Background Citations
1,165
Methods Citations
502
Results Citations
21

Figures from this paper

2,990 Citations

Threshold-directed signature scheme based on hybrid number theoretic problems

A new threshold-directed signature scheme based on integer factorization and discrete logarithm problems based on the assumption that it is very unlikely to solve two hard number theoretic problems simultaneously is proposed.

Forgery-resilience for digital signature schemes

We introduce the notion of forgery-resilience for digital signature schemes, a new paradigm exhibiting desirable legislative properties. It evolves around the idea that, for any message, there can…

Efficient and Provable Security Amplifications

This work exhibits a similar security amplification, which takes the given scheme to a new signature scheme that is not even existentially forgeable under adaptively chosen message attacks.

A Provably Secure Short Transitive Signature Scheme from Bilinear Group Pairs

The transitive signature scheme is proven secure, i.e. transitively unforgeable under adaptive chosen message attack, assuming hardness of the computational co-Diffie-Hellman problem in bilinear group pairs and the security of the underlying standard signature scheme under known message attack.

New Generation of Secure and Practical RSA-Based Signatures

Under an appropriate assumption about RSA, the scheme is proven to be not existentially forgeable under adaptively chosen message attacks and presented a digital signature that offers both proven security and practical value.

Generic security-amplifying methods of ordinary digital signatures

Towards provably secure proxy signature scheme based on Isomorphisms of Polynomials

Unique Signatures and Verifiable Random Functions from the DH-DDH Separation

This work gives a construction of a unique signature scheme based on a generalization of the Diffie-Hellman assumption in groups where decisional Diffie/Hellman is easy and several recent results suggest plausibility of such groups.

Threshold Fail-Stop Signature Schemes Based on Discrete Logarithm and Factorization

A new Fail-Stop Signature scheme whose security is based on discrete logarithm modulo a composite number, and integer factorization is proposed, and it is shown that it is as efficient as the most efficient previously known FSS scheme.

Simple forward-secure signatures from any signature scheme

An eÆcient and extremely simple construction of forward-secure signatures based on any regular signature scheme (e.g., RSA and DSS); the resultant signatures enjoy size-parameters that are independent of the number of periods.
...

37 References

Strong signature schemes

Two signature schemes are exhibited for which any strategy of an adversary, who has seen all previously signed messages, that has a moderate success in forging even a single additional signature is transformable to a fast algorithm for factoring or inverting the RSA function.

A Fast Signature Scheme Based on Quadratic Inequalities

A new digital signature scheme is proposed in which the computation time is several hundred times faster than the RSA scheme and in which the key length and signature length are almost comparable to…

An efficient signature scheme based on quadratic equations

A novel property of the new signature scheme is that legitimate users can choose k in such a way that they can sign messages even without knowing the factorization of n, and thus everyone can use the same modulus if no one knows its factorization.

A method for obtaining digital signatures and public-key cryptosystems

An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key, soriers or other secure means are not needed to transmit keys.

An Attack on a Signature Scheme Proposed by Okamoto and Shiraishi

If the system is used as it is presented, an opponent could sign messages without factoring the modulus and a modification is suggested which may not have the same flaw as the proposed scheme.

Uniform Complexity and Digital Signatures

Digital Signatures - An Overview

    S. Matyas
    Computer Science
    Comput. Networks
  • 1979

Hiding information and signatures in trapdoor knapsacks

Specific instances of the knapsack problem that appear very difficult to solve unless one possesses "trapdoor information" used in the design of the problem are demonstrated.

Probabilistic Encryption

Breaking the Ong-Schnorr-Shamir Signature Scheme for Quadratic Number Fields

It is shown that the OSS system in Z[\sqrt d ] is also breakable, and the method is to reduce the problem of solving the congruence over the ring of elements of the ring with respect to the integers to the issue of solving Pollard’s algorithm.