[Resource Topic] 2016/1039: A Fiat-Shamir Implementation Note

Welcome to the resource topic for 2016/1039

Title:
A Fiat-Shamir Implementation Note

Authors: Simon Cogliani, Rémi Géraud, David Naccache

Abstract:

In the Micali-Shamir paper improving the efficiency of the original Fiat-Shamir protocol, the authors state that “(…) not all of the v_i's will be quadratic residues mod n. We overcome this technical difficulty with an appropriate perturbation technique (…)” This perturbation technique is made more explicit in the associated patent application: “Each entity is allowed to modify the standard v_j which are QNRs. A particularly simple way to achieve this is to pick a modulus n = pq where p ≡ 3 (mod 8) and q ≡ 7 (mod 8), since then exactly one of v_j, -v_j, 2v_j, -2v_j is a QR mod n for any v_j. The appropriate variant of each v_j can be (…) deduced by the verifier himself during the verification of given signatures.” In this short note we clarify the way in which the verifier can infer by himself the appropriate variant of each v_j during verification.
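The following Python is an added illustration, not code from the paper or from this topic. It checks the modulus condition quoted in the abstract: with p ≡ 3 (mod 8) and q ≡ 7 (mod 8), exactly one of v, -v, 2v, -2v is a quadratic residue mod n = pq, whereas for a modulus that violates the condition the count is 0 or 2. The primes 11 and 23 (and 5 and 13 for the counterexample) are constructed sample values, far too small for real use. The `public_candidates` function only shows the standard observation that the Jacobi symbol, computable from n alone, already rules out two of the four variants; it is not the verifier procedure described in the note.

```python
from math import gcd

# Multipliers considered by the Micali-Shamir perturbation technique.
VARIANTS = (1, -1, 2, -2)


def legendre(a, p):
    """Legendre symbol (a/p) for an odd prime p via Euler's criterion: 1, -1 or 0."""
    a %= p
    if a == 0:
        return 0
    return 1 if pow(a, (p - 1) // 2, p) == 1 else -1


def jacobi(a, n):
    """Jacobi symbol (a/n) for odd n > 0, computed without factoring n."""
    a %= n
    result = 1
    while a:
        while a % 2 == 0:          # pull out factors of two: (2/n) = -1 iff n = 3, 5 (mod 8)
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a                # quadratic reciprocity for odd a, n
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0


def modulus_is_suitable(p, q):
    """True when the pair satisfies the patent's condition (in either order)."""
    return (p % 8, q % 8) in ((3, 7), (7, 3))


def qr_variants(v, p, q):
    """Multipliers c in VARIANTS such that c*v is a QR mod n = p*q.

    Requires the factorisation, i.e. this is what the key holder can compute.
    An element is a QR mod pq iff it is a QR mod p and mod q.
    """
    n = p * q
    return [c for c in VARIANTS
            if legendre(c * v % n, p) == 1 and legendre(c * v % n, q) == 1]


def public_candidates(v, n):
    """Variants whose Jacobi symbol mod n is +1, using only the public modulus.

    A QR mod n always has Jacobi symbol +1, so the four candidates shrink to
    the pair {v, -v} or the pair {2v, -2v}; which member is the QR cannot be
    decided from the Jacobi symbol alone.
    """
    return [c for c in VARIANTS if jacobi(c * v % n, n) == 1]


def variant_count_histogram(p, q):
    """Map 'number of QR variants' -> 'number of v coprime to n' with that count."""
    n = p * q
    hist = {}
    for v in range(1, n):
        if gcd(v, n) != 1:
            continue
        k = len(qr_variants(v, p, q))
        hist[k] = hist.get(k, 0) + 1
    return hist


if __name__ == "__main__":
    # Constructed sample moduli: 11 = 3 (mod 8), 23 = 7 (mod 8) meets the condition;
    # 5 = 5 (mod 8), 13 = 5 (mod 8) does not.
    good_p, good_q = 11, 23
    bad_p, bad_q = 5, 13
    print("11*23 suitable:", modulus_is_suitable(good_p, good_q),
          variant_count_histogram(good_p, good_q))   # every v has exactly one QR variant
    print("5*13 suitable:", modulus_is_suitable(bad_p, bad_q),
          variant_count_histogram(bad_p, bad_q))     # counts are 0 or 2, never 1
    v = 5
    print("v=5, n=253: QR variant", qr_variants(v, good_p, good_q),
          "public candidates", public_candidates(v, good_p * good_q))
```

Running the script prints the histogram `{1: 220}` for n = 253 (all 220 units have exactly one QR variant) and `{0: 24, 2: 24}` for n = 65, and for v = 5 mod 253 shows that -2v is the residue while the Jacobi check alone leaves both 2v and -2v open.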

ePrint: https://eprint.iacr.org/2016/1039

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.