Paper 1999/016

A forward-secure digital signature scheme

Mihir Bellare and Sara Miner

Abstract

We describe a digital signature scheme in which the public key is fixed but the secret signing key is updated at regular intervals so as to provide a <i>forward security</i> property: compromise of the current secret key does not enable an adversary to forge signatures pertaining to the past. This can be useful to mitigate the damage caused by key exposure without requiring distribution of keys. Our construction uses ideas from the Fiat-Shamir and Ong-Schnorr identification and signature schemes, and is proven to be forward secure based on the hardness of factoring, in the random oracle model. The construction is also quite efficient.

Metadata
Available format(s)
PS
Publication info
Published elsewhere. Appeared in the THEORY OF CRYPTOGRAPHY LIBRARY and has been included in the ePrint Archive.
Keywords
Digital signaturesforward securityidentificationfactoring.
Contact author(s)
mihir @ cs ucsd edu
History
1999-07-13: received
Short URL
https://ia.cr/1999/016
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:1999/016,
      author = {Mihir Bellare and Sara Miner},
      title = {A forward-secure digital signature scheme},
      howpublished = {Cryptology ePrint Archive, Paper 1999/016},
      year = {1999},
      note = {\url{https://eprint.iacr.org/1999/016}},
      url = {https://eprint.iacr.org/1999/016}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.