### Simple Forward-Secure Signatures From Any Signature Scheme

Hugo Krawczyk

##### Abstract

In Crypto'99, Bellare and Miner introduced {\em forward-secure signatures} as digital signature schemes with the attractive property that exposure of the signing key at certain time period does not allow for the forgery of signatures from previous time periods. That paper presented the first full design of an efficient forward-secure signatures scheme, but left open the question of building efficient and practical schemes based on standard signatures such as RSA or DSS. In particular, they called for the development of schemes where the main size-parameters (namely, the size of the private key, public key, and signature) do not grow with the total number of periods for which the public key is to be in use. We present an efficient and extremely simple construction of forward-secure signatures based on {\em any} regular signature scheme (e.g., RSA and DSS); the resultant signatures enjoy size-parameters that are independent of the number of periods (except for the inclusion of an index to the period in which a signature is issued). The only parameter that grows (linearly) with the number of periods is the total size of local non-secret memory of the signer. The forward-security of our schemes is directly implied by the unforgeability property of the underlying signature scheme and it requires no extra assumptions. Our approach can also be applied to some signature schemes with special properties, such as undeniable signatures, to obtain forward-secure signatures that still enjoy the added special property.

Available format(s)
Publication info
Published elsewhere. Appeared in the7th ACM Conference on Computer and Communications Security, Nov. 2000.ed in
Keywords
digital signaturesforward security
Contact author(s)
hugo @ ee technion ac il
History
Short URL
https://ia.cr/2001/042

CC BY

BibTeX

@misc{cryptoeprint:2001/042,
author = {Hugo Krawczyk},
title = {Simple Forward-Secure Signatures From Any Signature Scheme},
howpublished = {Cryptology ePrint Archive, Paper 2001/042},
year = {2001},
note = {\url{https://eprint.iacr.org/2001/042}},
url = {https://eprint.iacr.org/2001/042}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.