[Gzz-commits] manuscripts/Sigs article.rst
From: Benja Fallenstein
Subject: [Gzz-commits] manuscripts/Sigs article.rst
Date: Mon, 19 May 2003 14:59:40 -0400
CVSROOT: /cvsroot/gzz
Module name: manuscripts
Changes by: Benja Fallenstein <address@hidden> 03/05/19 14:59:40
Modified files:
Sigs : article.rst
Log message:
concl
CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/Sigs/article.rst.diff?tr1=1.124&tr2=1.125&r1=text&r2=text
Patches:
Index: manuscripts/Sigs/article.rst
diff -u manuscripts/Sigs/article.rst:1.124 manuscripts/Sigs/article.rst:1.125
--- manuscripts/Sigs/article.rst:1.124 Mon May 19 14:58:39 2003
+++ manuscripts/Sigs/article.rst Mon May 19 14:59:39 2003
@@ -268,6 +268,18 @@
tv=5.57e+03 [~27.84ms])
+- Maybe also mention:
+
+ Note that rejection of a wrong key the most time-critical
+ operation, in order to avoid DOSing through giving loads
+ of wrong signatures. If the adversary can only forge the
+ first `$b_0$` bits of the message, rejection of the sig
+ will only take `$\\frac{b_0}{b}$` of the above estimate.
+
+ If the signed bits are the cryptographic hash of the
+ actual message, forging many bits may be hard.
+
+
Practical Variants
==================
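
Review bot: The first added sentence, "Note that rejection of a wrong key the most time-critical operation", is missing its verb and says "wrong key" while the rest of the paragraph is about wrong signatures; suggest "rejection of a wrong signature is the most time-critical operation". The `$b_0$` / `$b$` estimate would read better if `b` were defined at this point (presumably the number of signed bits), and the doubled backslash in `$\\frac{b_0}{b}$` should be checked against how the other formulas in the file are escaped. The "Maybe also mention:" lead-in is a TODO marker that should not survive into the final text.
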
@@ -312,6 +324,7 @@
==========
- presented a new signature scheme with several benefits
+ as far as we know not found together so far
- no trapdoor funcs
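
Review bot: The added line "as far as we know not found together so far" qualifies itself twice ("as far as we know" and "so far") and reads as a fragment under the "several benefits" bullet. Suggest one hedge, for example "not previously found together, to our knowledge", and a REF marker if the final text will compare against specific schemes.
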
@@ -337,6 +350,10 @@
- naturally not foolproof: e.g. hashes *do* get broken, REF
+ - signatures in practice do depend on a hash function for
+ long messages. however, it only needs to be collision-resistant,
+ not a random oracle
+
- key idea: using the deterministic random oracle
to create a huge virtual tree of private keys,
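
Review bot: The new bullet says the hash "only needs to be collision-resistant, not a random oracle", but the very next bullet names "the deterministic random oracle" as the key idea for deriving the tree of private keys, so the two read as contradictory. Suggest stating explicitly that the collision-resistance requirement applies to the message hash only, while the key derivation still relies on the random-oracle assumption. Also capitalize "however" or join it to the previous sentence.
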
@@ -347,9 +364,8 @@
to work if only a predetermined number of documents is ever signed
with a key.
+ - not worse than RSA, where giving more signatures increases
+ the possibility of factoring
+
Acknowledgments
===============
-
-
-
-
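
Review bot: The added claim "not worse than RSA, where giving more signatures increases the possibility of factoring" is stated without support; other bullets in this section carry a REF marker for claims of this kind, and this one needs a citation or should be dropped. It also compares a hard limit ("only a predetermined number of documents is ever signed with a key") with a gradual effect, so the wording should say in what sense the scheme is "not worse".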