Lower Bounds on Signatures From Symmetric Primitives

Providence, Rhode Island October 21-October 23

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/FOCS.2007.71

48th Annual IEEE Symposium on Foundat ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Boaz Barak Articles by Mohammad Mahmoody-Ghidary

	ASCII Text	x
	Boaz Barak, Mohammad Mahmoody-Ghidary, "Lower Bounds on Signatures From Symmetric Primitives," Foundations of Computer Science, Annual IEEE Symposium on, pp. 680-688, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07), 2007.

	BibTex	x
	@article{ 10.1109/FOCS.2007.71, author = {Boaz Barak and Mohammad Mahmoody-Ghidary}, title = {Lower Bounds on Signatures From Symmetric Primitives}, journal ={Foundations of Computer Science, Annual IEEE Symposium on}, volume = {0}, year = {2007}, issn = {0272-5428}, pages = {680-688}, doi = {http://doi.ieeecomputersociety.org/10.1109/FOCS.2007.71}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Foundations of Computer Science, Annual IEEE Symposium on TI - Lower Bounds on Signatures From Symmetric Primitives SN - 0272-5428 SP680 EP688 A1 - Boaz Barak, A1 - Mohammad Mahmoody-Ghidary, PY - 2007 KW - null VL - 0 JA - Foundations of Computer Science, Annual IEEE Symposium on ER -

Boaz Barak

Mohammad Mahmoody-Ghidary

We show that every black-box construction of one-time signature schemes from a random oracle achieves security at most poly(q)2^q, where q is the total number of queries to the oracle by the generation, signing, and verification algorithms. That is, any such scheme can be broken with probability close to 1 by a (computationally unbounded) adversary making poly(q)2^q queries to the oracle. This is tight up to a constant factor in the number of queries, since a simple modification of Lamport?s scheme achieves 2^{(0.812 - o(1))q} security using q queries.

Our results extend (with a loss of a constant factor in the number of queries) also to the random permutation and idealcipher oracles, and so can be taken as evidence of an inherent efficiency gap between signature schemes and symmetric primitives such as block ciphers, hash functions, and message authentication codes.

Citation:

Boaz Barak, Mohammad Mahmoody-Ghidary, "Lower Bounds on Signatures From Symmetric Primitives," focs, pp.680-688, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.