Abstract
In undeniable signature schemes, the correctness or incorrectness of a signature on a message cannot be checked without the agreement of, and interaction with, the signer. This is a favorable property for some applications. The well-known undeniable signature schemes presented in the literature require signer operations that take cubic running time. For a real-world implementation, e.g., on a chip card or a web server, this might be too inefficient.
In this paper, we present new efficient undeniable signature schemes which are constructed over an imaginary quadratic field. We compare our schemes to the only really competitive scheme so far, which is based on RSA. In all signature protocols presented here the signer's part involving the secret key is always of quadratic complexity, which is much faster in practice than the signer's part in the RSA-based undeniable signature protocol.
Cite this article
Biehl, I., Paulus, S. & Takagi, T. Efficient Undeniable Signature Schemes Based on Ideal Arithmetic in Quadratic Orders. Designs, Codes and Cryptography 31, 99–123 (2004). https://doi.org/10.1023/B:DESI.0000012439.20075.16