搜索结果: 1-15 共查到“Schnorr”相关记录16条 . 查询时间(0.093 秒)
Blind Schnorr Signatures in the Algebraic Group Model
Schnorr signatures blind signatures algebraic group model
2019/8/2
We study the security of schemes related to Schnorr signatures in the algebraic group model (AGM) proposed by Fuchsbauer, Kiltz, and Loss (CRYPTO 2018), where the adversary can only compute new group ...
Schnorr-based implicit certification: improving the security and efficiency of V2X communications
Vehicular communications (V2X) implicit certificates butterfly key expansion
2019/2/25
In the implicit certification model, the process of verifying the validity of the signer's public key is combined with the verification of the signature itself. When compared to traditional, explicit ...
Okamoto Beats Schnorr: On the Provable Security of Multi-Signatures
Provable Security Multi-Signatures
2018/5/11
A multisignature scheme allows a group of signers to collaboratively sign a message, creating a single signature that convinces a verifier that every individual signer approved the message. The increa...
Simple Schnorr Multi-Signatures with Applications to Bitcoin
multi-signatures Schnorr signatures one-more discrete logarithm problem
2018/1/19
We describe a new Schnorr-based multi-signature scheme (i.e., a protocol which allows a group of signers to produce a short, joint signature on a common message), provably secure in the plain public-k...
Reusing Nonces in Schnorr Signatures
public-key cryptography Schnorr digital signature efficiency
2018/1/19
The provably secure Schnorr signature scheme is popular and efficient. However, each signature requires a fresh modular exponentiation, which is typically a costly operation. As the increased uptake i...
On Instance Compression, Schnorr/Guillou-Quisquater, and the Security of Classic Protocols for Unique Witness Relations
AND-DL AND-RSA
2017/5/8
Following the framework of Harnik and Naor, we introduce the notion of tailored instance compression to capture the essence of the known one-more like assumptions, which provides new insight into the ...
Short Schnorr signatures require a hash function with more than just random-prefix resistance
public-key cryptography digital signatures
2016/1/3
Neven, Smart and Warinschi (NSW) proved, in the generic group
model, that full-length Schnorr signatures require only random-prefix
resistant hash functions to resist passive existential forgery.
Attribute-Based Versions of Schnorr and ElGamal
attribute-based cryptography Discrete Logarithm setting verifiable computation
2016/1/3
We design in this paper the first attribute-based cryptosystems that work in the classical Discrete
Logarithm, pairing-free, setting. The attribute-based signature scheme can be seen as an extension ...
An alleged theorem of Neven, Smart and Warinschi (NSW) about
the security of Schnorr signatures seems to have a flaw described in
this report.
Multi-user Schnorr security, revisited
Schnorr signatures multi-user security proof errors
2015/12/22
Three recent proposals for standardization of next-generation
ECC signatures have included “key prefixing” modifications to Schnorr’s
signature system. Bernstein, Duif, Lange, Schwabe, and Yang stat...
Schnorr Signatures in the Multi-User Setting
Schnorr signatures multi-user security unforgeability
2015/12/21
A theorem by Galbraith, Malone-Lee, and Smart (GMLS) from 2002 showed that, for Schnorr
signatures, single-user security tightly implies multi-user security. Recently, Bernstein pointed to an
error ...
On the Security of the Schnorr Signature Scheme and DSA against Related-Key Attacks
Related-key attacks Schnorr signatures DSA
2015/12/21
In the ordinary security model for signature schemes, we consider an adversary that may
forge a signature on a new message using only his knowledge of other valid message and signature
pairs. To tak...
Unconditional Tightness Bounds for Generic Reductions: The Exact Security of Schnorr Signatures, Revisited
Schnorr signatures meta-reductions
2014/3/12
A long line of research investigates the existence of tight security reductions for the Schnorr signature scheme. Most of these works presented lower tightness bounds, most recently Seurin (Eurocrypt ...
Limitations of the Meta-Reduction Technique: The Case of Schnorr Signatures
Meta-Reduction Random Oracle Model Schnorr Signature
2013/4/18
We revisit the security of Fiat-Shamir signatures in the non-programmable random oracle model. The well-known proof by Pointcheval and Stern for such signature schemes (Journal of Cryptology, 2000) re...
On the Portability of Generalized Schnorr Proofs
Generalized Schnorr Proofs Zero Knowledge Proofs GSP
2009/6/11
The notion of Zero Knowledge Proofs (of knowledge) [ZKP] is central to cryptography; it provides a set
of security properties that proved indispensable in concrete protocol design. These properties a...