Security arguments for digital signatures and blind signatures (Q1573771): Difference between revisions

This paper proves the security of a large class of signature schemes in the so-called random oracle model. This model assumes that the hash function used in a signature scheme behaves as a random function. However, it has been shown that there exist (contrived) schemes that are provably secure in the random oracle model, but not when used with a real hash function. So, as also stated by the authors of the paper: the paper offers security arguments for a large class of known signature schemes that includes for instance the Schnorr signature scheme and a slight variation of the well-known ElGamal signature scheme. The latter is particuarly interesting as, in spite of the existential forgery of the original scheme, the paper proves that the proposed variant resists existential forgeries even against an adaptively chosen-message attack, assuming the discrete logarithm problem is hard to solve. The paper furthermore studies the security of blind signatures. Such schemes are an important ingredient for anonymity in electronic cash systems. The paper also proposes new blind signature schemes and gives a security argument for it.