Short One-Time Signatures
We present a new one-time signature scheme having short signatures. Our new scheme supports aggregation, batch verification, and admits efficient proofs of knowledge. It has a fast signing algorithm, requiring only modular additions, and its verification cost is comparable to ECDSA verification. These properties make our scheme suitable for applications on resource-constrained devices such as smart cards and sensor nodes. Along the way, we give a unified description of five previous one-time signature schemes and improve parameter selection for these schemes, and as a corollary we give a fail-stop signature scheme with short signatures.
Digital Signature Methods
In this paper we introduced the digital signature and explained why it is important to us and what its advantages are. Some cryptosystems are based on the factorization problem, and the best known of them are certainly RSA and the Rabin cryptosystem. They are presented in the first chapter of the paper. After getting acquainted with them, we also looked at the signature schemes of the same name that arose from these cryptosystems. In the second chapter the emphasis was on the DSA signature scheme, which arose from the ElGamal cryptosystem, that is, the ElGamal signature scheme. Unlike RSA and the Rabin cryptosystem, the ElGamal cryptosystem is based on the discrete logarithm problem, which we also mentioned in the paper. In the following two chapters the undeniable signature scheme and the fail-stop signature scheme are defined. The undeniable signature scheme requires the signer's cooperation for verification, while fail-stop signatures provide additional security against forgery. For all the schemes mentioned, an illustrative example is included in which the characteristics of the signature under consideration can be seen.
Forgery-Resilience for Digital Signature Schemes
We introduce the notion of forgery-resilience for digital signature schemes, a new paradigm for digital signature schemes exhibiting desirable legislative properties. It revolves around the idea that, for any message, there can only be a unique valid signature, and exponentially many acceptable signatures, all but one of them being spurious. This primitive enables a judge to verify whether an alleged forged signature is indeed a forgery. In particular, the scheme considers an adversary who has access to a signing oracle and an oracle that solves a “hard” problem, and who tries to produce a signature that appears to be acceptable from a verifier’s point of view. However, a judge can tell apart such a spurious signature from a signature that is produced by an honest signer. This property is referred to as validatibility. Moreover, the scheme provides undeniability against malicious signers who try to fabricate spurious signatures and deny them later by showing that they are not valid. Last but not least, trustability refers to the inability of a malicious judge trying to forge a valid signature. This notion for signature schemes improves upon the notion of fail-stop signatures in different ways. For example, it is possible to sign more than one message with forgery-resilient signatures and once a forgery is found, the credibility of a previously signed signature is not under question. A concrete instance of a forgery-resilient signature scheme is constructed based on the hardness of extracting roots of higher residues, which we show to be equivalent to the factoring assumption. In particular, using collision-free accumulators, we present a tight reduction from malicious signers to adversaries against the factoring problem. Meanwhile, a secure pseudorandom function ensures that no polynomially-bounded cheating verifier, who can still solve hard problems, is able to forge valid signatures. Security against malicious judges is based on the RSA assumption.
A Digital Signature Scheme for Long-Term Security
In this paper we propose a signature scheme based on two intractable
problems, namely the integer factorization problem and the discrete logarithm
problem for elliptic curves. It is suitable for applications requiring
long-term security and provides a more efficient solution than the existing
ones.
Bitcoin Transaction Malleability and MtGox
In Bitcoin, transaction malleability describes the fact that the signatures
that prove the ownership of bitcoins being transferred in a transaction do not
provide any integrity guarantee for the signatures themselves. This allows an
attacker to mount a malleability attack in which it intercepts, modifies, and
rebroadcasts a transaction, causing the transaction issuer to believe that the
original transaction was not confirmed. In February 2014 MtGox, once the
largest Bitcoin exchange, closed and filed for bankruptcy claiming that
attackers used malleability attacks to drain its accounts. In this work we use
traces of the Bitcoin network for over a year preceding the filing to show
that, while the problem is real, there was no widespread use of malleability
attacks before the closure of MtGox.