Attacking and repairing batch verification schemes

C Boyd, C Pavlovski - International Conference on the Theory and …, 2000 - Springer
C Boyd, C Pavlovski
International Conference on the Theory and Application of Cryptology and …, 2000Springer
Batch verification can provide large computational savings when several signatures, or other
constructs, are verified together. Several batch verification algorithms have been published
in recent years, in particular for both DSA-type and RSA signatures. We describe new
attacks on several of these published schemes. A general weakness is explained which
applies to almost all known batch verifiers for discrete logarithm based signature schemes. It
is shown how this weakness can be eliminated given extra properties about the underlying …
Abstract
Batch verification can provide large computational savings when several signatures, or other constructs, are verified together. Several batch verification algorithms have been published in recent years, in particular for both DSA-type and RSA signatures. We describe new attacks on several of these published schemes. A general weakness is explained which applies to almost all known batch verifiers for discrete logarithm based signature schemes. It is shown how this weakness can be eliminated given extra properties about the underlying group structure. A new general batch verifier for exponentiation in any cyclic group is also described as well as a batch verifier for modified RSA signatures.
Springer
Showing the best result for this search. See all results