[Gzz-commits] manuscripts/Sigs article.rst
From: Tuomas J. Lukka
Subject: [Gzz-commits] manuscripts/Sigs article.rst
Date: Mon, 19 May 2003 14:56:07 -0400
CVSROOT: /cvsroot/gzz
Module name: manuscripts
Changes by: Tuomas J. Lukka <address@hidden> 03/05/19 14:56:07
Modified files:
Sigs : article.rst
Log message:
someabs
CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/Sigs/article.rst.diff?tr1=1.121&tr2=1.122&r1=text&r2=text
Patches:
Index: manuscripts/Sigs/article.rst
diff -u manuscripts/Sigs/article.rst:1.121 manuscripts/Sigs/article.rst:1.122
--- manuscripts/Sigs/article.rst:1.121 Mon May 19 14:48:17 2003
+++ manuscripts/Sigs/article.rst Mon May 19 14:56:07 2003
@@ -4,31 +4,29 @@
Abstract:
-- recursive application of one-time signature to sign
- nodes along a single path through a virtual tree of
- new pubkeys corresponding to privkeys
- deterministically
- generated by random oracle from the tree node
-
-- In conjunction with Merkle hash trees, used to generate
- a family of trade-offed schemes whose time and space characteristics
- depend linearly on the underlying one-time sig schemes'.
-
-- good
-
- - existentially unforgeable in adaptive chosen message attack
-
- - We believe that as long as the random oracle,
- used to generate the new private keys
- and to implement the one-time signatures,
- isn't broken, an exhaustive
- key search is the only way to break the scheme.
-
- - (however, we don't give full security analysis)
-
- - unlimited time
-
- - hash function strength, no trapdoor function required
+We propose an new digital signature scheme based on
+recursive application of an underlying
+one-time signature scheme to sign
+nodes along a single path through a virtual tree of
+keys deterministically
+generated by random oracle from the parent private keys.
+In conjunction with Merkle hash trees, our scheme
+is used to generate
+a family of schemes with a tradeoff between
+time and space characteristics, which for all separate values
+of the tradeoff parameter
+depend linearly on the characteristics
+of the underlying one-time signature scheme.
+
+Our scheme has several advantages:
+signatures are
+existentially unforgeable in adaptive chosen message attack.
+Because the security of the scheme is based only on
+one-way functions and a random oracle, i.e.
+no trapdoor functions are used,
+the keys and signatures remain valid
+for an
+unlimited time.
- instance:
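Review bot: The added abstract states "existentially unforgeable in adaptive chosen message attack" and validity "for an unlimited time" as unconditional facts, while the removed bullets hedged them with "We believe that as long as the random oracle ... isn't broken" and "(however, we don't give full security analysis)". Suggest keeping the qualification in the rendered abstract, for example by stating the unforgeability claim in the random oracle model and tying "unlimited time" to the hash function staying unbroken, since a later bullet in this same file says hashes *do* get broken. Two smaller points: "an new digital signature scheme" should read "a new", and the key derivation wording changed from "from the tree node" to "from the parent private keys", which is a change of meaning that should be checked against the body of the paper.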
@@ -46,6 +44,14 @@
- we discuss applications
+.. we believe that as long as the random oracle,
+ used to generate the new private keys
+ and to implement the one-time signatures,
+ isn't broken, an exhaustive
+ key search is the only way to break the scheme.
+
+ - (however, we don't give full security analysis)
+
Introduction
============
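Review bot: The security caveat moved into the ".." comment no longer appears in the rendered manuscript, so a reader sees the abstract's claims without "we don't give full security analysis". If this is parked text, a short marker at the start of the comment saying it still has to go back into the paper would keep it from being forgotten. Also check the indentation of the "- (however, ...)" line after the blank line: it stays inside the comment only while it is indented under the "..", otherwise it renders as a stray list item just above "Introduction".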
@@ -327,7 +333,7 @@
verifying relatively slow
- considerable improvements
- probably possible
+ may be possible
- naturally not foolproof: e.g. hashes *do* get broken, REF
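Review bot: "considerable improvements / may be possible" under "verifying relatively slow" is still unspecific after the rewording from "probably possible"; say which part of verification is expected to improve, or drop the bullet until there is something concrete. The neighbouring context line still ends in a bare "REF" placeholder that needs a citation before this goes out.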