[Resource Topic] 2018/1140: Efficient Fully-Leakage Resilient One-More Signature Schemes

Welcome to the resource topic for 2018/1140

Efficient Fully-Leakage Resilient One-More Signature Schemes

Authors: Antonio Faonio


In a recent paper Faonio, Nielsen and Venturi (ICALP 2015) gave new constructions of leakage-resilient signature schemes. The signature schemes proposed remain unforgeable against an adversary leaking arbitrary information on the entire state of the signer, including the random coins of the signing algorithm. The main feature of their signature schemes is that they offer a graceful degradation of security in situations where standard existential unforgeability is impossible. The notion, put forward by Nielsen, Venturi, and Zottarel (PKC 2014), defines a slack parameter \gamma which, roughly speaking, describes how gracefully the security degrades. Unfortunately, the standard-model signature scheme of Faonio,Nielsen and Venturi has a slack parameter that depends on the number of signatures queried by the adversary. In this paper we show two new constructions in the standard model where the above limitation is avoided. Specifically, the first scheme achieves slack parameter O(1/\lambda) where \lambda is the security parameter and it is based on standard number theoretic assumptions, the second scheme achieves optimal slack parameter (i.e. \gamma = 1) and it is based on knowledge of the exponent assumptions. Our constructions are efficient and have leakage rate 1 - o(1), most notably our second construction has signature size of only 8 group elements which makes it the leakage-resilient signature scheme with the shortest signature size known to the best of our knowledge.

ePrint: https://eprint.iacr.org/2018/1140

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .