We present an efficient and extremely simple construction of forward-secure signatures based on {\em any} regular signature scheme (e.g., RSA and DSS); the resultant signatures enjoy size-parameters that are independent of the number of periods (except for the inclusion of an index to the period in which a signature is issued). The only parameter that grows (linearly) with the number of periods is the total size of local non-secret memory of the signer. The forward-security of our schemes is directly implied by the unforgeability property of the underlying signature scheme and it requires no extra assumptions.
Our approach can also be applied to some signature schemes with special properties, such as undeniable signatures, to obtain forward-secure signatures that still enjoy the added special property.
Category / Keywords: digital signatures, forward security Publication Info: Appeared in the7th ACM Conference on Computer and Communications Security, Nov. 2000.ed in Date: received 20 May 2001 Contact author: hugo at ee technion ac il Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation Version: 20010520:170255 (All versions of this report) Short URL: ia.cr/2001/042 Discussion forum: Show discussion | Start new discussion