Previous [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]

Journal of Inforamtion Science and Engineering, Vol.17 No.6, pp.879-898 (November 2001)

An Efficient Construction for Fail-Stop Signature
for Long Messages*

Rei Safavi-Naini, Willy Susilo and Huaxiong Wang
Centre for Computer Security Research
School of Information Technology and Computer Science
University of Wollongong
Wollongong 2522, Austrialia
E-mail: {rei-wsusilo, huaxiong}

The security of ordinary digital signature schemes relies on a computational assumption. Fail-stop signature (FSS) schemes provide security for a signer against a forger with unlimited computational power by enabling the signer to provide a proof of forgery, if it occurs. Signing long messages using FSS requires a hash function with provable security which results in slow signature generation. In this paper we propose a new construction for FSS schemes based on linear authentication codes which does not require a hash function, and results in a much faster signature generation at the cost of slower verification, and a longer secret key and signature. An important advantage of the scheme is that the proof of forgery is the same as a traditional FSS and does not rely on the properties of the hash function. The scheme can be used in a distributed setting where signature generation requires collaboration of k signers. The paper concludes with some open problems.

Keywords: fail-stop signature schemes, authentication codes, linearised polynomials, one-time signature, threshold signature

Full Text () Retrieve PDF document (200111_02.pdf)

Received January 30, 2001; accepted July 10, 2001.
Communicated by Chi Sung Laih