Presentation is loading. Please wait.

Presentation is loading. Please wait.

Improving Lamport One-time Signature Scheme

Published byBrendan Osborne Modified over 6 years ago

Similar presentations

Presentation on theme: "Improving Lamport One-time Signature Scheme"— Presentation transcript:

1 Improving Lamport One-time Signature Scheme
Ming-Hsin Chang, Yi-Shiung Yeh, Elsevier, Appl. Math. Comput., 2005 Presented by 盧奕吉

2 Outline Introduction Lamport’s Scheme Proposed Scheme
Security & Performance Analysis Conclusion

3 Introduction One-time signature scheme
is used to sign at most one message; otherwise the signature can be forged. has the property of efficient signature generation and verification. requires a large amount of storage space.

4 Lamport’s Scheme Lamport’s one-time signature scheme is comprised of 3 phases: Key generation phase Signing phase Verification phase

5 Key Generation Phase Select 2k elements randomly with 1 ≤ i ≤ k and j = 0,1. (k is the length of the message in base 2). Compute for all i,j.

6 Signing Phase To sign a k-bit message m = m1…mk, sig(m) = sig(m1…mk) = ( ). i.e., to sign a message m = 10…1, the signature becomes:

7 Verification Phase To verify the signature check if holds, where 1≤ i ≤ k.

8 Proposed Scheme Key Generation Select a number e and set .
Derive the value L, which is the length of the message in base v. For each column i, randomly select e+1 elements, where 1 ≤ i ≤ L.

9

10 Proposed Scheme To sign a message m:
Convert m to base v representation. For each digit of mi, further convert it to base 2 representation. sig(m) = sig(m1…mL) = where , such that the symbol x signifies the 2’s representation of mi.

11 Proposed Scheme To sign a message m, first select a value e, say 3, and set v = 2(e+1) = 16. Then convert m to base v, e.g., m = (3A…1)16 . Again convert each digit to base 2 representation, i.e., 3 = (0011)2, A = (1010)2 and 1 = (0001)2, etc.

12 Proposed Scheme Verification
To verify the signature, simply check if the signature matches the corresponding z’s. If so, the signature is genuine.

13 Performance Analysis # of public key items Avg. # of signature terms
Avg. # of verification Lamport’s Scheme 320 160 Proposed Scheme 80 *For message length of 160 bits

14 Security Analysis Security equals to the number of signature terms, in Lamport case, it equals to the number of bits. In the proposed scheme, the number of signature terms is halved, L*e/2.

15 Conclusion Although the proposed scheme’s performance is twice as fast as Lamport’s, its security, however, is sacrificed. Due to the particular nature of Lamport’s signature scheme, the performance growth will always be proportional to the security decrease.

Download ppt "Improving Lamport One-time Signature Scheme"

Similar presentations

1 9 4 5 1 8 8 6 E W H A W U New Nominative Proxy Signature Scheme for Mobile Communication April. 30. 2003 Seo, Seung-Hyun Dept. of Computer Science and.

E W H A W U New Nominative Proxy Signature Scheme for Mobile Communication April Seo, Seung-Hyun Dept. of Computer Science and.
Advanced Security Constructions and Key Management Class 16.

Advanced Security Constructions and Key Management Class 16.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
LOGO Multi-user Broadcast Authentication in Wireless Sensor Networks ICU 20082065 Myunghan Yoo.

LOGO Multi-user Broadcast Authentication in Wireless Sensor Networks ICU Myunghan Yoo.
Chapter 2 Digital data Ola A. Younis. Elements of digital media Symbols : representation for something else. Example: a group of letters often serve as.

Chapter 2 Digital data Ola A. Younis. Elements of digital media Symbols : representation for something else. Example: a group of letters often serve as.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
Efficient aggregation of encrypted data in Wireless Sensor Network Author: Einar Mykletun, Gene Tsudik Presented by Yi Cheng Lin Date: March 13, 2007.

Efficient aggregation of encrypted data in Wireless Sensor Network Author: Einar Mykletun, Gene Tsudik Presented by Yi Cheng Lin Date: March 13, 2007.
Maths for Computer Graphics

Maths for Computer Graphics
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Authenticating streamed data in the presence of random packet loss March 17th, 2000. Philippe Golle, Stanford University.

Authenticating streamed data in the presence of random packet loss March 17th, Philippe Golle, Stanford University.
Algorithms. Introduction Before writing a program: –Have a thorough understanding of the problem –Carefully plan an approach for solving it While writing.

Algorithms. Introduction Before writing a program: –Have a thorough understanding of the problem –Carefully plan an approach for solving it While writing.
1 CIS 5371 Cryptography 9. Data Integrity Techniques.

1 CIS 5371 Cryptography 9. Data Integrity Techniques.
A Double-Efficient Integrity Verification Scheme to Cloud Storage Data Deng Hongyao, Song Xiuli, Tao jingsong 2014 TELKOMNIKA Indonesian Journal of Electrical.

A Double-Efficient Integrity Verification Scheme to Cloud Storage Data Deng Hongyao, Song Xiuli, Tao jingsong 2014 TELKOMNIKA Indonesian Journal of Electrical.
Binary Logic and Gates COE 202 Digital Logic Design Dr. Aiman El-Maleh

Binary Logic and Gates COE 202 Digital Logic Design Dr. Aiman El-Maleh
8. Data Integrity Techniques

8. Data Integrity Techniques
The RSA Algorithm Rocky K. C. Chang, March 2014 1.

The RSA Algorithm Rocky K. C. Chang, March
An Efficient and Secure Event Signature (EASES) Protocol for Peer-to-Peer Massively Multiplayer Online Games Mo-Che Chan, Shun-Yun Hu and Jehn-Ruey Jiang.

An Efficient and Secure Event Signature (EASES) Protocol for Peer-to-Peer Massively Multiplayer Online Games Mo-Che Chan, Shun-Yun Hu and Jehn-Ruey Jiang.
Normal Distribution MATH 102 Contemporary Math S. Rook.

Normal Distribution MATH 102 Contemporary Math S. Rook.
Gridded Response Practice 3-5 NRMPS Math.

Gridded Response Practice 3-5 NRMPS Math.
Topic 22: Digital Schemes (2)

Topic 22: Digital Schemes (2)

Similar presentations

Ads by Google