Big Chemical Encyclopedia

Chemical substances, components, reactions, process design ...

Articles Figures Tables About

Standard with prekey

The actual definition of so-called standard fail-stop signature schemes is contained in Section 7.1. In Section 7.2, relations to alternative or additional security properties are shown. Section 7.3 presents fail-stop signature schemes with prekey, an important subclass, and proves simplified security criteria for them. Section 7.4 shows the relation between standard fail-stop signature schemes and ordinary digital signature schemes. Section 7.5 contains constructions of schemes with many risk bearers from schemes with one risk bearer. [Pg.149]

As the zero-knowledge proof scheme in a standard fail-stop signature scheme with prekey is required to be secure in itself, and alljtest decides membership in All correctly, it is natural to reduce the security of such a scheme to criteria that only deal with the remaining components.. This is done in the following theorem. The criteria are considerably simpler than the original definitions, because interaction in key generation no longer has to be considered. The constructions in Chapters 9 and 10 only have to be proved with respect to these criteria. [Pg.196]

Theorem 7.34 (Simplified security criteria). If a standard fail-stop signature scheme with prekey fulfils the following three criteria, then... [Pg.196]

Effectiveness of authentication follows immediately from Definition 7.10. Usually, error-free effectiveness of authentication is required with standard ordinary digital signature schemes. This is guaranteed if effectiveness of authentication is error-free in the underlying standard fail-stop signature scheme, or at least in the case of correct execution of Gen, i.e., with B = B. In particular, this is the case if a standard fail-stop signature scheme with prekey is used (Theorem 7.34b). [Pg.203]

Definition 9.1. A standard fail-stop signature scheme with prekey for signing message blocks is defined like a standard fail-stop signature scheme with prekey, except that there is no fixed message space M. Instead, there is a family of message-block spaces... [Pg.289]

In this section, a framework for constructing standard fail-stop signature schemes with prekey for signing one message block from a collision-intractable family of bundling homomorphisms is described. Two parameters (the exact family of... [Pg.290]

Theorem 9.9. Construction 9.4 yields a secure standard fail-stop signature scheme with prekey for signing one message block if the following condition holds for the parameters BundFam, MFam, and tau (i.e., the family of bundling homo-morphisms, the message-block spaces, and the function that determines the bun-... [Pg.298]

In this section, an efficient standard fail-stop signature scheme with prekey for signing one message block is shown where the security for the risk bearer can be proved on the abstract discrete-logarithm assumption. Recall that this scheme (for subgroups of prime fields) is due to [HePe93]. [Pg.299]

In the following, first a general theorem about combinations of hash functions and standard fail-stop signature schemes with prekey is presented formally. If a concrete fail-stop signature scheme based on a factoring or discrete-logarithm assumption is used, it is natural to combine it with a family of hash functions based on the same assumption. These special cases are considered afterwards. [Pg.313]

The construction in this section is formalized so that it yields one-time standard fail-stop signature schemes with prekey that fiilfil the simplified security criteria for such schemes from Theorem 7.34, because the constructions in Sections 10.2 to... [Pg.313]

Theorem 10.2 (Message hashing). Construction 10.1 defines components of a standard fail-stop signature scheme with prekey for the message space 0, 1 . If... [Pg.316]

The corresponding standard fail-stop signature scheme with hottom-up tree authentication (also with prekey) for the same message space has the following components, which are written with an asterisk (see Figure 10.1) The set Message bounds is the set of powers of 2. [Pg.322]

The corresponding standard fail-stop signature scheme with top-down tree authentication and a small amount of private storage (with prekey and with a distinction between private and authentic storage) is constructed by using the given one-time scheme in top-down tree authentication (Construction 10.13) with the following modifications ... [Pg.335]

See other pages where Standard with prekey is mentioned: [Pg.192]    [Pg.253]    [Pg.289]    [Pg.290]    [Pg.291]    [Pg.293]    [Pg.299]    [Pg.304]    [Pg.305]    [Pg.313]    [Pg.314]    [Pg.322]    [Pg.325]    [Pg.334]    [Pg.335]    [Pg.339]    [Pg.339]    [Pg.340]    [Pg.343]    [Pg.216]    [Pg.368]   
See also in sourсe #XX -- [ Pg.192 ]



SEARCH



Prekey

© 2024 chempedia.info