In modern communication systems, a popular way of providing authentication in an authenticated Diffie-Hellman key agreement protocol is to sign the result of a one-way hash function (such as MD5) of a Diffie-Hellman public key. The security of such a protocol is based on the weakest of all the cryptographic assumptions of the algorithms involved: Diffie-Hellman key distribution, digital signature and a one-way hash function. If a protocol can be constructed using one cryptographic assumption, it would be at least as secure as that with multiple assumptions. The authors propose three authenticated Diffie-Hellman key-agreement protocols, each of which is based on one cryptographic assumption. In particular, the first protocol is based on a discrete logarithm, the second on an elliptic curve and the third on RSA factoring. The main objective of the paper is to show that the security of a protocol should be assessed at the protocol level as a whole, rather than at the level of individual algorithms that are used to build the protocol.
The first on-line/off-line signature scheme introduced by Even et al. in 1990 has two problems: (a) impractical signature length and (b) a one-time use of signature generated during the off-line phase. In 2001, Shamir and Tauman significantly shortened the length of the signature by using trapdoor hash families introduced by Krawczyk and Rabin in 2000. However, each trapdoor hash value and its signature in the off-line phase of Shamir and Tauman's signature scheme can be used for signing only one message in the on-line phase. In this paper, we propose multiple-collision trapdoor hash families based on discrete logarithm and factoring assumptions, and provide formal proofs of their security. We also introduce an efficient on-line/off-line signature scheme based on our proposed trapdoor hash families. Our on-line/off-line signature scheme can re-use a trapdoor hash value for signing multiple messages. If a signer includes this trapdoor hash value in the public-key digital certificate, there is no need to have any regular digital signature scheme to sign the trapdoor hash value in the off-line phase.
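The single-use limit on a trapdoor hash value noted above can be seen in the classical discrete-log trapdoor hash TH(m, r) = g^m · y^r mod p: two openings of the same hash value leak the trapdoor. This is an added example, not code from either paper and not the proposed multiple-collision construction; the toy parameters, function names and sample messages are assumptions chosen for illustration.

```python
# Classical discrete-log trapdoor (chameleon) hash, toy-sized.
# Constructed parameters, far too small for real use: p = 2q + 1, g has order q.
P, Q, G = 2039, 1019, 4

def keygen(x):
    """Trapdoor x in [1, q-1]; public hash key y = g^x mod p."""
    return pow(G, x, P)

def th(y, m, r):
    """Trapdoor hash TH_y(m, r) = g^m * y^r mod p (m is a digest reduced mod q)."""
    return (pow(G, m % Q, P) * pow(y, r % Q, P)) % P

def collide(x, m0, r0, m):
    """Holder of x solves m0 + x*r0 = m + x*r (mod q) for r."""
    return (r0 + (m0 - m) * pow(x, -1, Q)) % Q

def recover_trapdoor(m1, r1, m2, r2):
    """Anyone holding two openings of one hash value computes
    x = (m1 - m2) / (r2 - r1) mod q. Requires m1 != m2 mod q."""
    return ((m1 - m2) * pow((r2 - r1) % Q, -1, Q)) % Q

def demo():
    x = 777                      # constructed trapdoor
    y = keygen(x)
    m0, r0 = 5, 10               # off-line phase: hash a dummy pair, sign h
    h = th(y, m0, r0)
    # On-line phase: open the same h to a real message digest.
    m1 = 123
    r1 = collide(x, m0, r0, m1)
    # Reusing h for a second message publishes a second opening ...
    m2 = 456
    r2 = collide(x, m0, r0, m2)
    # ... and the two published pairs are enough to extract x.
    leaked = recover_trapdoor(m1, r1, m2, r2)
    return h, th(y, m1, r1), th(y, m2, r2), leaked

if __name__ == "__main__":
    h, h1, h2, leaked = demo()
    print("hash values equal:", h == h1 == h2)
    print("trapdoor recovered from two signatures:", leaked)
```
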