Cremers, Cas ; Düzlü, Samed ; Fiedler, Rune ; Fischlin, Marc ; Janson, Christian (2021)
BUFFing signature schemes beyond unforgeability and the case of post-quantum signatures.
42nd IEEE Symposium on Security and Privacy. virtual Conference (24.-27.05.2021)
doi: 10.1109/SP40001.2021.00093
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Modern digital signature schemes can provide more guarantees than the standard notion of (strong) unforgeability, such as offering security even in the presence of maliciously generated keys, or requiring to know a message to produce a signature for it. The use of signature schemes that lack these properties has previously enabled attacks on real-world protocols. In this work we revisit several of these notions beyond unforgeability, establish relations among them, provide the first formal definition of non re-signability, and a transformation that can provide these properties for a given signature scheme in a provable and efficient way.Our results are not only relevant for established schemes: for example, the ongoing NIST PQC competition towards standardizing post-quantum signature schemes has six finalists in its third round. We perform an in-depth analysis of the candidates with respect to their security properties beyond unforgeability. We show that many of them do not yet offer these stronger guarantees, which implies that the security guarantees of these post-quantum schemes are not strictly stronger than, but instead incomparable to, classical signature schemes. We show how applying our transformation would efficiently solve this, paving the way for the standardized schemes to provide these additional guarantees and thereby making them harder to misuse.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2021 |
| Autor(en): | Cremers, Cas ; Düzlü, Samed ; Fiedler, Rune ; Fischlin, Marc ; Janson, Christian |
| Art des Eintrags: | Bibliographie |
| Titel: | BUFFing signature schemes beyond unforgeability and the case of post-quantum signatures |
| Sprache: | Englisch |
| Publikationsjahr: | 26 August 2021 |
| Verlag: | IEEE |
| Buchtitel: | Proceedings: 2021 IEEE Symposium on Security and Privacy (SP 2021) |
| Veranstaltungstitel: | 42nd IEEE Symposium on Security and Privacy |
| Veranstaltungsort: | virtual Conference |
| Veranstaltungsdatum: | 24.-27.05.2021 |
| DOI: | 10.1109/SP40001.2021.00093 |
| Kurzbeschreibung (Abstract): | Modern digital signature schemes can provide more guarantees than the standard notion of (strong) unforgeability, such as offering security even in the presence of maliciously generated keys, or requiring to know a message to produce a signature for it. The use of signature schemes that lack these properties has previously enabled attacks on real-world protocols. In this work we revisit several of these notions beyond unforgeability, establish relations among them, provide the first formal definition of non re-signability, and a transformation that can provide these properties for a given signature scheme in a provable and efficient way.Our results are not only relevant for established schemes: for example, the ongoing NIST PQC competition towards standardizing post-quantum signature schemes has six finalists in its third round. We perform an in-depth analysis of the candidates with respect to their security properties beyond unforgeability. We show that many of them do not yet offer these stronger guarantees, which implies that the security guarantees of these post-quantum schemes are not strictly stronger than, but instead incomparable to, classical signature schemes. We show how applying our transformation would efficiently solve this, paving the way for the standardized schemes to provide these additional guarantees and thereby making them harder to misuse. |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Kryptographie und Komplexitätstheorie DFG-Sonderforschungsbereiche (inkl. Transregio) DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche Profilbereiche Profilbereiche > Cybersicherheit (CYSEC) Forschungsfelder Forschungsfelder > Information and Intelligence Forschungsfelder > Information and Intelligence > Cybersecurity & Privacy DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche > SFB 1119: CROSSING – Kryptographiebasierte Sicherheitslösungen als Grundlage für Vertrauen in heutigen und zukünftigen IT-Systemen |
| Hinterlegungsdatum: | 09 Sep 2022 08:37 |
| Letzte Änderung: | 15 Aug 2023 09:39 |
| PPN: | 49974117X |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum