
For FullText PDF, please login, if you are a member of IEICE,
or go to Pay Per View on menu list, if you are a nonmember of IEICE.

A Strongly Unforgeable Signature under the CDH Assumption without Collision Resistant Hash Functions
Takahiro MATSUDA Nuttapong ATTRAPADUNG Goichiro HANAOKA Kanta MATSUURA Hideki IMAI
Publication
IEICE TRANSACTIONS on Information and Systems
Vol.E91D
No.5
pp.14661476 Publication Date: 2008/05/01 Online ISSN: 17451361
DOI: 10.1093/ietisy/e91d.5.1466 Print ISSN: 09168532 Type of Manuscript: Special Section PAPER (Special Section on Information and Communication System Security) Category: Cryptographic Techniques Keyword: digital signature, strong unforgeability, target collision resistant hash function, standard model,
Full Text: PDF>>
Summary:
Unforgeability of digital signatures is closely related to the security of hash functions since hashing messages, such as hashandsign paradigm, is necessary in order to sign (arbitrarily) long messages. Recent successful collision finding attacks against practical hash functions would indicate that constructing practical collision resistant hash functions is difficult to achieve. Thus, it is worth considering to relax the requirement of collision resistance for hash functions that is used to hash messages in signature schemes. Currently, the most efficient strongly unforgeable signature scheme in the standard model which is based on the CDH assumption (in bilinear groups) is the BonehShenWaters (BSW) signature proposed in 2006. In their scheme, however, a collision resistant hash function is necessary to prove its security. In this paper, we construct a signature scheme which has the same properties as the BSW scheme but does not rely on collision resistant hash functions. Instead, we use a target collision resistant hash function, which is a strictly weaker primitive than a collision resistant hash function. Our scheme is, in terms of the signature size and the computational cost, as efficient as the BSW scheme.

