
For FullText PDF, please login, if you are a member of IEICE,
or go to Pay Per View on menu list, if you are a nonmember of IEICE.

BlackBox Separations on FiatShamirType Signatures in the NonProgrammable Random Oracle Model
Masayuki FUKUMITSU Shingo HASEGAWA
Publication
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Vol.E101A
No.1
pp.7787 Publication Date: 2018/01/01
Online ISSN: 17451337
DOI: 10.1587/transfun.E101.A.77
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security) Category: Keyword: FiatShamir transformation, nonprogrammable random oracle model, metareduction,
Full Text: PDF(1.2MB) >>Buy this Article
Summary:
In recent years, Fischlin and Fleischhacker showed the impossibility of proving the security of specific types of FStype signatures, the signatures constructed by the FiatShamir transformation, via a singleinstance reduction in the nonprogrammable random oracle model (NPROM, for short). In this paper, we pose a question whether or not the impossibility of proving the security of any FStype signature can be shown in the NPROM. For this question, we show that each FStype signature cannot be proven to be secure via a keypreserving reduction in the NPROM from the security against the impersonation of the underlying identification scheme under the passive attack, as long as the identification scheme is secure against the impersonation under the active attack. We also show the security incompatibility between the security of some FStype signatures in the NPROM via a singleinstance keypreserving reduction and the underlying cryptographic assumptions. By applying this result to the Schnorr signature, one can prove the incompatibility between the security of the Schnorr signature in this situation and the discrete logarithm assumption, whereas Fischlin and Fleischhacker showed that such an incompatibility cannot be proven via a nonkeypreserving reduction.

