### Strongly Unforgeable Signatures Resilient to Polynomially Hard-to-Invert Leakage under Standard Assumptions

Masahito Ishizaka and Kanta Matsuura

##### Abstract

A signature scheme is said to be weakly unforgeable, if it is hard to forge a signature on a message not signed before. A signature scheme is said to be strongly unforgeable, if it is hard to forge a signature on any message. In some applications, the weak unforgeability is not enough and the strong unforgeability is required, e.g., the Canetti, Halevi and Katz transformation. Leakage-resilience is a property which guarantees that even if secret information such as the secret-key is partially leaked, the security is maintained. Some security models with leakage-resilience have been proposed. The hard-to-invert leakage model, a.k.a. auxiliary (input) leakage model, proposed by Dodis et al. at STOC'09 is especially meaningful one, since the leakage caused by a function which information-theoretically reveals the secret-key, e.g., one-way permutation, is considered. In this work, we propose a generic construction of digital signature strongly unforgeable and resilient to polynomially hard-to-invert leakage which can be instantiated under standard assumptions such as the decisional linear assumption. We emphasize that our instantiated signature is not only the first one resilient to polynomially hard-to-invert leakage under standard assumptions, but also the first one which is strongly unforgeable and has hard-to-invert leakage-resilience.

Available format(s)
Category
Public-key cryptography
Publication info
Published elsewhere. MAJOR revision.21st Information Security Conference (ISC2018)
DOI
10.1007/978-3-319-99136-8_23
Keywords
Digital signatureStrong existential unforgeabilityLeakage-resilienceHard-to-invert leakageAuxiliary(-input) leakage.
Contact author(s)
ishimasa @ iis u-tokyo ac jp
History
Short URL
https://ia.cr/2018/1044

CC BY

BibTeX

@misc{cryptoeprint:2018/1044,
author = {Masahito Ishizaka and Kanta Matsuura},
title = {Strongly Unforgeable Signatures Resilient to Polynomially Hard-to-Invert Leakage under Standard Assumptions},
howpublished = {Cryptology ePrint Archive, Paper 2018/1044},
year = {2018},
doi = {10.1007/978-3-319-99136-8_23},
note = {\url{https://eprint.iacr.org/2018/1044}},
url = {https://eprint.iacr.org/2018/1044}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.