Paper 2023/914
Limits in the Provable Security of ECDSA Signatures
Abstract
Digital Signatures are ubiquitous in modern computing. One of the most widely used digital signature schemes is ECDSA due to its use in TLS, various Blockchains such as Bitcoin and Etherum, and many other applications. Yet the formal analysis of ECDSA is comparatively sparse. In particular, all known security results for ECDSA rely on some idealized model such as the generic group model or the programmable (bijective) random oracle model.
In this work, we study the question whether these strong idealized models are necessary for proving the security of ECDSA. Specifically, we focus on the programmability of ECDSA's "conversion function" which maps an elliptic curve point into its
Metadata
- Available format(s)
-
PDF
- Category
- Foundations
- Publication info
- Preprint.
- Keywords
- ECDSArandom oracle modelprogrammabilitymeta reductions
- Contact author(s)
-
dominik hartmann @ rub de
eike kiltz @ rub de - History
- 2023-06-14: approved
- 2023-06-12: received
- See all versions
- Short URL
- https://ia.cr/2023/914
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/914, author = {Dominik Hartmann and Eike Kiltz}, title = {Limits in the Provable Security of {ECDSA} Signatures}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/914}, year = {2023}, url = {https://eprint.iacr.org/2023/914} }