On the unforgeability of the Chaum - Pedersen blind signature scheme | Prikladnaya Diskretnaya Matematika - Applied Discrete Mathematics. 2024. № 65. DOI: 10.17223/20710410/65/3

The paper analyses the unforgeability property of the Chaum - Pedersen blind signature scheme in the setting where an adversary can run parallel sessions of the signature generation protocol. It is shown that the scheme does not ensure strong unforgeability, i.e., an adversary is able to create forgeries for “old” messages that were already legitimately signed. The weak unforgeability property (where the adversary’s task is to create a forgery for a new message) is also analysed. Using the reduction method, we obtain a security bound for weak unforgeability in the algebraic group model and the random oracle model. This bound identifies the base problems whose hardness underpins the security of the scheme.
  • Title: On the unforgeability of the Chaum - Pedersen blind signature scheme
  • Publisher: Tomsk State University
  • Issue: Prikladnaya Diskretnaya Matematika - Applied Discrete Mathematics, 2024, № 65
  • DOI: 10.17223/20710410/65/3
Keywords
blind signature scheme, Chaum - Pedersen blind signature, ROS attack