Hash-and-Sign with Weak Hashing Made Secure

Digital signatures are often proven to be secure in the random oracle model while hash functions deviate more and more from this idealization. Liskov proposed to model a weak hash function by a random oracle together with another oracle allowing to break some properties of the hash function, e.g. a preimage oracle. To avoid the need for collision-resistance, Bellare and Rogaway proposed to use target collision resistant (TCR) randomized pre-hashing. Later, Halevi and Krawczyk suggested to use enhanced TCR (eTCR) hashing to avoid signing the random seed. To avoid the increase in signature length in the TCR construction, Mironov suggested to recycle some signing coins in the message preprocessing. In this paper, we develop and apply all those techniques. In particular, we obtain a generic preprocessing which allows to build strongly secure signature schemes when hashing is weak and the internal (textbook) signature is weakly secure. We model weak hashing by a preimage-tractable random oracle.


Published in:
the 12th Australasian Conference on Information Security and Privacy: ACISP '07, 4586, 338-354
Presented at:
the 12th Australasian Conference on Information Security and Privacy: ACISP '07, Townsville, Queensland, Australia, July 2-4, 2007
Year:
2007
Publisher:
Townsville, Queensland, Australia, Springer
Keywords:
Laboratories:




 Record created 2007-08-27, last modified 2018-03-17

n/a:
Download fulltextPDF
External link:
Download fulltextURL
Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)