Paper 2005/192

On the security and the efficiency of the Merkle signature scheme

Carlos Coronado

Abstract

This paper builds on the multi-time signature scheme proposed by Merkle. We prove that the original scheme is existentially unforgeable under adaptive chosen message attack. Moreover, we present an improved version which has three advantages: It is provably forward secure. The number of signatures that can be made with one private key is --- in a practical sense --- unlimited. Finally, the cost for key generation is kept low. The theoretical exposition is complemented by experimental data about the efficiency of the improved Merkle signature scheme.

Metadata
Available format(s)
PDF PS
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
Merkle Signature SchemeForward SecurityProvable SecurityLamport-Diffie one-time Signature Scheme.
Contact author(s)
coronado @ cdc informatik tu-darmstadt de
History
2005-06-23: received
Short URL
https://ia.cr/2005/192
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2005/192,
      author = {Carlos Coronado},
      title = {On the security and the efficiency of the Merkle signature scheme},
      howpublished = {Cryptology {ePrint} Archive, Paper 2005/192},
      year = {2005},
      url = {https://eprint.iacr.org/2005/192}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.