Paper 2008/286

One-Up Problem for (EC)DSA

Daniel R. L. Brown

Abstract

The one-up problem is defined for any group and a function from the group to integers. An instance of problem consists of two points in the group. A solution consists of another point satisfying an equation involving the group and the function. The one-up problem must be hard for the security of (EC)DSA. Heuristic arguments are given for the independence of the discrete log and one-up problems. DSA and ECDSA are conjectured to be secure if the discrete log and one-up problems are hard and the hash is collision resistant.

Metadata
Available format(s)
PS
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
DSAECDSA
Contact author(s)
dbrown @ certicom com
History
2008-07-03: received
Short URL
https://ia.cr/2008/286
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2008/286,
      author = {Daniel R.  L.  Brown},
      title = {One-Up Problem for (EC)DSA},
      howpublished = {Cryptology ePrint Archive, Paper 2008/286},
      year = {2008},
      note = {\url{https://eprint.iacr.org/2008/286}},
      url = {https://eprint.iacr.org/2008/286}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.