Abstract
We consider protocols in which a signature authority issues RSA-signatures to an individual. These signatures are in general products of rational powers of residue classes modulo the composite number of the underlying RSA-system. These residue classes are chosen at random by the signature authority. Assuming that it is infeasible for the individual to compute RSA-roots on randomly chosen residue classes by himself, we give, as a consequence of our main theorem, necessary and sufficient conditions describing whether it is feasible for the individual to compute RSA-signatures of a prescribed type from signatures of other types that he received before from the authority.
This research has been made possible by a fellowship of the Royal Netherlands Academy of Arts and Sciences (K.N.A.W.)
Chapter PDF
Similar content being viewed by others
References
David Chaum, Bert den Boer, Eugène van Heyst, Stig Mjølsnes and Adri Steenbeek, “Efficient Offline Electronic Checks”, to appear in Advances in Cryptology-EUROCRYPT’ 89, Lecture Notes in Computer Science, Springer-Verlag.
David Chaum and Jan-Hendrik Evertse, “A secure and privacy-protecting protocol for transmitting personal information between organizations”, Advances in Cryptology-CRYPTO’ 86, A.M. Odlyzko ed., Lecture Notes in Computer Science 263, Springer-Verlag,. pp 118–167.
John Gill, “Computational Complexity of Probabilistic Turing Machines”, SIAM L. Comp. 6 (1977) pp. 675–695.
Johan Hastad, “On using RSA with low exponent in a public key network”, Advances in Cryptology-CRYPTO’ 85, H.C. Williams ed., Lecture Notes in Computer Science 218, Springer-Verlag,.pp403–408.
I. Heger, “Über die Auflösung eines Systemes von mehreren unbestimmten Gleichungen des ersten Grades in ganzen Zahlen”, Denkschriften der Königlichen Akademie der Wissenschaften (Wien), Mathematischnaturwissenschaftliche Klasse 14 (2. Abth.) (1858) pp1–122.
R. Kannan and A. Bachem, “Polynomial algorithms for computing the Smith and Hermite normal forms of an integer matrix”, SIAM Journal on Computing, 8 (1979) pp 499–507.
Tatsuaki Okamoto and Kazuo Ohta, “Disposable Zero-Knowledge Authentications and Their Applications to Untraceable Electronic Cash”, to appear in Advances in Cryptology-CRYPTO’ 89, Lecture Notes in Computer Science, Springer-Verlag.
R.L. Rivest, A. Shamir, and L. Adleman, “A Method for Obtaining Digital Signatures and Public Key Cryptosystems”, Comm. of the ACM 21 (1978) pp 120–126.
Alexander Schrijver, Theory of Linear and Integer Programming, John Wiley & Sons, 1986.
Adi Shamir, “On the Generation of Cryptographically Strong Pseudorandom Sequences”, ACM Trans. on Computer Systems, 1 (1983) pp 38–44.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1991 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Evertse, JH., van Heyst, E. (1991). Which new RSA signatures can be computed from some given RSA signatures?. In: Damgård, I.B. (eds) Advances in Cryptology — EUROCRYPT ’90. EUROCRYPT 1990. Lecture Notes in Computer Science, vol 473. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46877-3_8
Download citation
DOI: https://doi.org/10.1007/3-540-46877-3_8
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-53587-4
Online ISBN: 978-3-540-46877-6
eBook Packages: Springer Book Archive