1994 | OriginalPaper | Buchkapitel
Can O.S.S. be Repaired? - Proposal for a New Practical Signature Scheme -
verfasst von : David Naccache
Erschienen in: Advances in Cryptology — EUROCRYPT ’93
Verlag: Springer Berlin Heidelberg
Enthalten in: Professional Book Archive
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
This paper describes a family of new Ong-Schnorr-Shamir-Fiat-Shamir-like [1] identification and signature protocols designed to prevent forgers from using the Pollard-Schnorr attack [2].Our first signature scheme (and its associated identification protocol) uses x, which is secret-free, as a commitment on which k will depend later. Therefore, the original quadratic equation is replaced by x2 − -k(x)y2 = m mod n where k(x) is a non-polynomial function of x and since the Poliard-Schnorr algorithm takes as input value k (to output x and y), it becomes impossible to feed à-priori k(x) which is output-dependentThe second signature method takes advantage of the fact that although an attacker can generate validOSS signatures (solutions {x,y} of x2 - k y2 = m mod n), he has no control over the internal structure of x and y and in particular, if we restrict the solution space by adding extra conditions on x and y, it becomes very difficult to produce forged solutions that satisfy the new requirements.