Paper 2012/068

Extended Security Arguments for (Ring) Signature Schemes

Sidi Mohamed El Yousfi Alaoui, Özgür Dagdelen, Pascal Véron, David Galindo, and Pierre-Louis Cayrel


The well-known forking lemma by Pointcheval and Stern has been used to prove the security of the so-called generic signature schemes. These signature schemes are obtained via the Fiat-Shamir transform from three-pass identication schemes. A number of five-pass identification protocols have been proposed in the last few years. Extending the forking lemma and the Fiat-Shamir transform would allow to obtain new signature schemes since, unfortunately, these newly proposed schemes fall outside the original framework. In this paper, we provide an extension of the forking lemma in order to assess the security of what we call n-generic signature schemes. These include signature schemes that are derived from certain (2n + 1)-pass identication schemes. We thus obtain a generic methodology for proving the security of a number of signature schemes derived from recently published ve-pass identication protocols, and eventually for (2n+1)-pass identication schemes to come. Finally, we propose a similar extension of the forking lemma for ring signatures originally proposed by Herranz and Sáez.

Note: This version of the paper was flawed and therefore withdrawn. An extended, updated and corrected version can be found in the journal Designs, Codes, and Cryptography.

Available format(s)
-- withdrawn --
Public-key cryptography
Publication info
Published elsewhere. Major revision. Design, Codes and Cryptography
(ring) signature schemeforking lemmasecurity proofcanonical identication scheme.
Contact author(s)
elyousfi alaoui @ gmx de
2016-11-11: withdrawn
2012-02-23: received
See all versions
Short URL
Creative Commons Attribution
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.