TY  - JOUR
A1  - Schnorr, Claus Peter
T1  - Security of blind discrete log signatures against interactive attacks
N2  - We present a novel parallel one-more signature forgery against blind Okamoto-Schnorr and blind Schnorr signatures in which an attacker interacts some times with a legitimate signer and produces from these interactions signatures. Security against the new attack requires that the following ROS-problem is intractable: find an overdetermined, solvable system of linear equations modulo with random inhomogenities (right sides). There is an inherent weakness in the security result of POINTCHEVAL AND STERN. Theorem 26 [PS00] does not cover attacks with 4 parallel interactions for elliptic curves of order 2200. That would require the intractability of the ROS-problem, a plausible but novel complexity assumption. Conversely, assuming the intractability of the ROS-problem, we show that Schnorr signatures are secure in the random oracle and generic group model against the one-more signature forgery.
Y1  - 2005
UR  - http://publikationen.ub.uni-frankfurt.de/frontdoor/index/index/docId/4292
UR  - https://nbn-resolving.org/urn:nbn:de:hebis:30-12026
UR  - http://www.mi.informatik.uni-frankfurt.de/research/papers/schnorr.blind_sigs_attack.2001.ps
N1  - Postprint, zuerst in: Proceedings of ICICS 2001, 13-16 Nov. 2001 Xian, China - Lecture Notes in Computer Science Vol.2229, Springer-Verlag, 2001, S. 1-12
ER  -