File Download
There are no files associated with this item.
Links for fulltext
(May Require Subscription)
- Publisher Website: 10.1007/978-3-642-04642-1_12
- Scopus: eid_2-s2.0-77952728276
- Find via
Supplementary
-
Citations:
- Scopus: 0
- Appears in Collections:
Conference Paper: Is the notion of divisible on-line/off-line signatures stronger than on-line/off-line signatures?
Title | Is the notion of divisible on-line/off-line signatures stronger than on-line/off-line signatures? |
---|---|
Authors | |
Keywords | DOS-EU-CMA Divisible on-line/off-line signatures On-line/off-line signatures OS-EU-CMA |
Issue Date | 2009 |
Citation | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2009, v. 5848 LNCS, p. 129-139 How to Cite? |
Abstract | On-line/Off-line signatures are useful in many applications where the signer has a very limited response time once the message is presented. The idea is to perform the signing process in two phases. The first phase is performed off-line before the message to be signed is available and the second phase is performed on-line after the message to be signed is provided. Recently, in CT-RSA 2009, Gao et al. made a very interesting observation that most of the existing schemes possess the following structure. In the off-line phase, a partial signature, called the off-line token is computed first. Upon completion of the on-line phase, the off-line token constitutes part of the full signature. They considered the "off-line token exposure problem" in which the off-line token is exposed in the off-line phase and introduced a new model to capture this scenario. While intuitively the new requirement appears to be a stronger notion, Gao et al. cannot discover a concrete attack on any of the existing schemes under the new model. They regard clarifying the relationship between the models as an open problem. In this paper, we provide an affirmative answer to this open problem. We construct an On-line/Off-line signature scheme, which is secure under the ordinary security model whilst it is insecure in the new model. Specifically, we present a security proof under the old model and a concrete attack of the scheme under the new model. This illustrates that the new model is indeed stronger. © Springer-Verlag 2009. |
Persistent Identifier | http://hdl.handle.net/10722/280475 |
ISSN | 2023 SCImago Journal Rankings: 0.606 |
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Au, Man Ho | - |
dc.contributor.author | Susilo, Willy | - |
dc.contributor.author | Mu, Yi | - |
dc.date.accessioned | 2020-02-17T14:34:08Z | - |
dc.date.available | 2020-02-17T14:34:08Z | - |
dc.date.issued | 2009 | - |
dc.identifier.citation | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2009, v. 5848 LNCS, p. 129-139 | - |
dc.identifier.issn | 0302-9743 | - |
dc.identifier.uri | http://hdl.handle.net/10722/280475 | - |
dc.description.abstract | On-line/Off-line signatures are useful in many applications where the signer has a very limited response time once the message is presented. The idea is to perform the signing process in two phases. The first phase is performed off-line before the message to be signed is available and the second phase is performed on-line after the message to be signed is provided. Recently, in CT-RSA 2009, Gao et al. made a very interesting observation that most of the existing schemes possess the following structure. In the off-line phase, a partial signature, called the off-line token is computed first. Upon completion of the on-line phase, the off-line token constitutes part of the full signature. They considered the "off-line token exposure problem" in which the off-line token is exposed in the off-line phase and introduced a new model to capture this scenario. While intuitively the new requirement appears to be a stronger notion, Gao et al. cannot discover a concrete attack on any of the existing schemes under the new model. They regard clarifying the relationship between the models as an open problem. In this paper, we provide an affirmative answer to this open problem. We construct an On-line/Off-line signature scheme, which is secure under the ordinary security model whilst it is insecure in the new model. Specifically, we present a security proof under the old model and a concrete attack of the scheme under the new model. This illustrates that the new model is indeed stronger. © Springer-Verlag 2009. | - |
dc.language | eng | - |
dc.relation.ispartof | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | - |
dc.subject | DOS-EU-CMA | - |
dc.subject | Divisible on-line/off-line signatures | - |
dc.subject | On-line/off-line signatures | - |
dc.subject | OS-EU-CMA | - |
dc.title | Is the notion of divisible on-line/off-line signatures stronger than on-line/off-line signatures? | - |
dc.type | Conference_Paper | - |
dc.description.nature | link_to_subscribed_fulltext | - |
dc.identifier.doi | 10.1007/978-3-642-04642-1_12 | - |
dc.identifier.scopus | eid_2-s2.0-77952728276 | - |
dc.identifier.volume | 5848 LNCS | - |
dc.identifier.spage | 129 | - |
dc.identifier.epage | 139 | - |
dc.identifier.eissn | 1611-3349 | - |
dc.identifier.issnl | 0302-9743 | - |