DOI: 10.1007/978-3-642-04642-1_12
Article

Is the Notion of Divisible On-Line/Off-Line Signatures Stronger than On-Line/Off-Line Signatures?

Published: 10 November 2009

Abstract

On-line/Off-line signatures are useful in many applications where the signer has a very limited response time once the message is presented. The idea is to perform the signing process in two phases. The first phase is performed off-line before the message to be signed is available and the second phase is performed on-line after the message to be signed is provided. Recently, in CT-RSA 2009, Gao et al. made a very interesting observation that most of the existing schemes possess the following structure. In the off-line phase, a partial signature, called the off-line token is computed first. Upon completion of the on-line phase, the off-line token constitutes part of the full signature. They considered the "off-line token exposure problem" in which the off-line token is exposed in the off-line phase and introduced a new model to capture this scenario. While intuitively the new requirement appears to be a stronger notion, Gao et al. cannot discover a concrete attack on any of the existing schemes under the new model. They regard clarifying the relationship between the models as an open problem. In this paper, we provide an affirmative answer to this open problem. We construct an On-line/Off-line signature scheme, which is secure under the ordinary security model whilst it is insecure in the new model. Specifically, we present a security proof under the old model and a concrete attack of the scheme under the new model. This illustrates that the new model is indeed stronger.
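The two-phase structure and the token-exposure setting described in the abstract can be made concrete with Schnorr signatures, whose commitment is computable before the message exists. This is an added example, not the scheme constructed in the paper; the toy group parameters and all function names are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy Schnorr group (constructed for illustration, far too small for real
# use): p = 2q + 1 with p, q prime, and G generating the order-q subgroup.
P, Q, G = 2039, 1019, 4

def keygen():
    x = secrets.randbelow(Q - 1) + 1          # secret key in [1, q-1]
    return x, pow(G, x, P)                    # (secret, public)

def _challenge(token, message):
    digest = hashlib.sha256(token.to_bytes(2, "big") + message).digest()
    return int.from_bytes(digest, "big") % Q

def sign_offline():
    """Off-line phase: runs before any message is known.
    Returns (token, state). The token becomes part of the final signature;
    the state stays secret and must be used for exactly one message."""
    k = secrets.randbelow(Q - 1) + 1
    return pow(G, k, P), k

def sign_online(x, state, token, message):
    """On-line phase: one hash, one multiplication and one addition mod q."""
    return (state + x * _challenge(token, message)) % Q

def verify(y, message, token, s):
    e = _challenge(token, message)
    return pow(G, s, P) == (token * pow(y, e, P)) % P

def exposure_game_round(choose_message):
    """One signing query in the token-exposure setting: the off-line token
    is handed out first, and the message may be chosen as a function of it.
    In the ordinary model the token is only seen inside the full signature."""
    x, y = keygen()
    token, state = sign_offline()
    message = choose_message(y, token)        # chosen after seeing the token
    s = sign_online(x, state, token, message)
    return y, message, token, s

if __name__ == "__main__":
    y, m, token, s = exposure_game_round(lambda y, t: b"order-" + str(t).encode())
    print("full signature:", (token, s), "valid:", verify(y, m, token, s))
```

The only difference between the two models in this sketch is the order of events inside `exposure_game_round`: the signer publishes `token` before `choose_message` runs, which is the exposure the newer model grants the adversary.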

References

[1] Bellare, M.: A Note on Negligible Functions. Journal of Cryptology 15(4), 271-284 (2002)
[2] Bellare, M., Palacio, A.: GQ and Schnorr identification schemes: Proofs of security against impersonation under active and concurrent attacks. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 162-177. Springer, Heidelberg (2002)
[3] Boneh, D., Boyen, X.: Short Signatures without Random Oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56-73. Springer, Heidelberg (2004)
[4] Boneh, D., Boyen, X.: Short signatures without random oracles and the SDH assumption in bilinear groups. Journal of Cryptology 21(2), 149-177 (2008)
[5] Boneh, D., Lipton, R.J.: Algorithms for Black-Box Fields and their Application to Cryptography (Extended Abstract). In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 283-297. Springer, Heidelberg (1996)
[6] Bresson, E., Catalano, D., Gennaro, R.: Improved on-line/off-line threshold signatures. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 217-232. Springer, Heidelberg (2007)
[7] Chen, X., Zhang, F., Susilo, W., Mu, Y.: Efficient generic on-line/off-line signatures without key exposure. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 18-30. Springer, Heidelberg (2007)
[8] Cheon, J.H.: Security Analysis of the Strong Diffie-Hellman Problem. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 1-11. Springer, Heidelberg (2006)
[9] Crutchfield, C., Molnar, D., Turner, D., Wagner, D.: Generic on-line/off-line threshold signatures. In: Yung, et al. (eds.) [25], pp. 58-74
[10] Diffie, W., Hellman, M.E.: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6), 644-654 (1976)
[11] Even, S., Goldreich, O., Micali, S.: On-line/off-line digital schemes. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 263-275. Springer, Heidelberg (1990)
[12] Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186-194. Springer, Heidelberg (1986)
[13] Gamal, T.E.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31(4), 469-472 (1985)
[14] Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. 17(2), 281-308 (1988)
[15] Guo, F., Mu, Y.: Optimal online/offline signature: How to sign a message without online computation. In: Baek, J., Bao, F., Chen, K., Lai, X. (eds.) ProvSec 2008. LNCS, vol. 5324, pp. 98-111. Springer, Heidelberg (2008)
[16] Kurosawa, K., Schmidt-Samoa, K.: New online/offline signature schemes without random oracles. In: Yung, et al. (eds.) [25], pp. 330-346
[17] National Institute of Standards and Technology (NIST): The digital signature standard, 186. In: Federal Information Processing Standards Publication, FIPS PUB (1994)
[18] Pollard, J.M.: Monte Carlo Methods for Index Computation (mod p). Mathematics of Computation 32(143), 918-924 (1978)
[19] Schnorr, C.-P.: Efficient Signature Generation by Smart Cards. Journal of Cryptology 4(3), 161-174 (1991)
[20] Shamir, A., Tauman, Y.: Improved online/offline signature schemes. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 355-367. Springer, Heidelberg (2001)
[21] Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256-266. Springer, Heidelberg (1997)
[22] Xu, S., Mu, Y., Susilo, W.: Online/offline signatures and multisignatures for AODV and DSR routing security. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol. 4058, pp. 99-110. Springer, Heidelberg (2006)
[23] Yu, P., Tate, S.R.: An online/offline signature scheme based on the strong RSA assumption. In: AINAW 2007: Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops, pp. 601-606. IEEE Computer Society, Washington (2007)
[24] Yu, P., Tate, S.R.: Online/offline signature schemes for devices with limited computing capabilities. In: Malkin, T.G. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 301-317. Springer, Heidelberg (2008)
[25] Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.): PKC 2006. LNCS, vol. 3958. Springer, Heidelberg (2006)
[26] Gao, C.-z., Wei, B., Xie, D., Tang, C.: Divisible on-line/off-line signatures. In: Fischlin, M. (ed.) Topics in Cryptology - CT-RSA 2009, The Cryptographers' Track at the RSA Conference 2009, San Francisco, CA, USA, Proceedings, April 20-24. LNCS, vol. 5473, pp. 148-163. Springer, Heidelberg (2009)

Cited By

  • (2010) Online/offline verification of short signatures. Proceedings of the 6th international conference on Information security and cryptology, pp. 350-358. DOI: 10.5555/2031933.2031963. Online publication date: 20-Oct-2010


Published In

ProvSec '09: Proceedings of the 3rd International Conference on Provable Security
November 2009
274 pages
ISBN: 9783642046414
Editors: Josef Pieprzyk, Fangguo Zhang

Publisher

Springer-Verlag

Berlin, Heidelberg


Author Tags

  1. DOS-EU-CMA
  2. OS-EU-CMA
  3. divisible on-line/off-line signatures
  4. on-line/off-line signatures
