48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07) (2007)

Providence, Rhode Island

Oct. 21, 2007 to Oct. 23, 2007

ISSN: 0272-5428

ISBN: 0-7695-3010-9

pp: 680-688

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/FOCS.2007.71

ABSTRACT

<p>We show that every black-box construction of one-time signature schemes from a random oracle achieves security at most poly(q)2^q, where q is the total number of queries to the oracle by the generation, signing, and verification algorithms. That is, any such scheme can be broken with probability close to 1 by a (computationally unbounded) adversary making poly(q)2^q queries to the oracle. This is tight up to a constant factor in the number of queries, since a simple modification of Lamport?s scheme achieves 2^{(0.812 - o(1))q} security using q queries.</p><p> Our results extend (with a loss of a constant factor in the number of queries) also to the random permutation and idealcipher oracles, and so can be taken as evidence of an inherent efficiency gap between signature schemes and symmetric primitives such as block ciphers, hash functions, and message authentication codes.</p>

INDEX TERMS

null

CITATION

B. Barak and M. Mahmoody-Ghidary, "Lower Bounds on Signatures From Symmetric Primitives,"

*48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07)(FOCS)*, Providence, Rhode Island, 2007, pp. 680-688.

doi:10.1109/FOCS.2007.71

CITATIONS