Abstract
The Digital Signature Algorithm (DSA) was proposed in 1991 by the US National Institute of Standards and Technology to provide an appropriate core for applications requiring digital signatures. Undoubtedly, many applications will include this standard in the future and thus, the foreseen domination of DSA as a legal certification tool is sufficiently important to focus research endeavours on the suitability of this scheme to various situations.
In this paper, we present six new DSA-based protocols for:
-
Performing a quick batch-verification of n signatures. The proposed scheme allows to make the economy of ≈ 450n modular multiplications.
-
Avoiding the cumbersome calculation of 1 / k mod q by the signer.
-
Compressing sets of DSA transactions into shorter archive signatures.
-
Generating signatures from pre-calculated “Use & Throw” 224-bit signature-coupons.
-
Self-certifying the moduli and bit-patterning directly q on p (gain of 60.4% in key size).
All our schemes combine in a natural way full DSA compatibility and flexible trade-offs between computational complexity, transmission overheads and key sizes.
This work was started while visiting J.P.L. and CalTech's Electrical Engineering Department in the summer of 1993.
Chapter PDF
Keywords
- Signature Scheme
- Modular Multiplication
- Transmission Overhead
- Verification Strategy
- Digital Signature Algorithm
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
FIPS PUB XX, February 1, 1993, Digital Signature Standard.
E. Brickell, D. Gordon and K. McCurley, Fast exponentiation with precomputation, Technical report no. SAND91-1836C, Sandia National Laboratories, Albuquerque, New-Mexico, October 1991.
E. Brickell and K. McCurley, An interactive identification scheme based on discrete logarithms and factoring, Journal of Cryptology, vol 5, no. 1, 1992.
D. Chaum and J. Bos, Smart Cash: A practical electronic payment system, CWI-Report CS-R9035, August 1990.
T. El-Gamal, A public-key cryptosystem and a signature scheme based on discrete logarithms, IEEE TIT, vol. IT-31:4, pp 469–472, 1985.
L. Guillou and J.J. Quisquater, A practical zero-knowledge protocol fitted to security microprocessor minimising both transmission and memory, Advances in cryptology: Proceedings of Eurocrypt'88, LNCS, Springer-Verlag, Berlin, 330, pp 123–128, 1988.
L.H. Harper, Stirling behavior is asymptotically normal, Annals of Mathematical Statistics, vol. 38, pp. 410–414, 1967.
P. Montgomery, Modular multiplication without trial division, Mathematics of Computation., vol. 44(170), pp. 519–521, 1985.
J.H. Morris, Lambda-calculus models of programming languages, Ph.D. thesis, MIT, 1968.
C. Schnorr, Efficient identification and signatures for smart-cards, Advances in cryptology: Proceedings of Eurocrypt'89 (G. Brassard ed.), LNCS, Springer-Verlag, Berlin, 435 (1990), pp. 239–252.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Naccache, D., M'RaÏhi, D., Vaudenay, S., Raphaeli, D. (1995). Can D.S.A. be improved? — Complexity trade-offs with the digital signature standard —. In: De Santis, A. (eds) Advances in Cryptology — EUROCRYPT'94. EUROCRYPT 1994. Lecture Notes in Computer Science, vol 950. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0053426
Download citation
DOI: https://doi.org/10.1007/BFb0053426
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60176-0
Online ISBN: 978-3-540-44717-7
eBook Packages: Springer Book Archive