On the Security of the PKCS#1 v1.5 Signature Scheme

Authors: Tibor Jager, Saqib A. Kakvi, Alexander May

DOI: 10.1145/3243734.3243798

Keywords:

Abstract: The RSA PKCS#1 v1.5 signature algorithm is the most widely used digital signature scheme in practice. Its two main strengths are its extreme simplicity, which makes it very easy to implement, and that verification of signatures is significantly faster than for DSA or ECDSA. Despite the huge practical importance of RSA PKCS#1 v1.5 signatures, providing formal evidence for their security based on plausible cryptographic hardness assumptions has turned out to be difficult. Therefore the most recent version of the standard (RFC 8017) even recommends a replacement, the more complex and less efficient RSA-PSS, as it is provably secure and therefore considered more robust. The main obstacle is that RSA PKCS#1 v1.5 signatures use a deterministic padding scheme, which makes standard proof techniques not applicable. We introduce a new technique that enables the first security proof for RSA-PKCS#1 v1.5 signatures. We prove full existential unforgeability against adaptive chosen-message attacks (EUF-CMA) under the standard RSA assumption. Furthermore, we give a tight proof under the Phi-Hiding assumption. These proofs are in the random oracle model, and the parameters deviate slightly from standard use, because we require a larger output length of the hash function. However, we also show how RSA-PKCS#1 v1.5 signatures can be instantiated in practice such that our proofs apply. In order to draw a more complete picture of the precise security of RSA PKCS#1 v1.5 signatures, we also give security proofs in the standard model, but with respect to weaker attacker models (key-only attacks) and based on known complexity assumptions. The main conclusion of our work is that, from a provable security perspective, RSA PKCS#1 v1.5 can be safely used if the output length of the hash function is chosen appropriately.
