On Designated Verifier Signature Schemes
Designated verifier signature schemes allow a signer to convince only the designated verifier that a signed message is authentic. We define attack models on the unforgeability property of such schemes and analyze relationships among the models. We show that the no-message model, where an adversary is given only public keys, is equivalent to the model, where an adversary has also oracle access to the verification algorithm. We also show a separation between the no-message model and the chosen-message model, where an adversary has access to the signing algorithm. Furthermore, we present a modification of the Yang-Liao designated verifier signature scheme and prove its security. The security of the modified scheme is based on the computational Diffie-Hellman problem, while the original scheme requires strong Diffie-Hellman assumption.
Attacking M&M Collective Signature Scheme
A collective signature scheme aims to solve the problem of signing a message by multiple signers. Recently, Moldovyan and Moldovyan  proposed a scheme for collective signatures based on Schnorr signatures. We show some security weaknesses of the scheme.
Properties of Cryptographic Hash Functions
This paper extends the work of Rogaway and Shrimpton (2004), where they formalized seven security properties: notions of preimage resistance (Pre, aPre, ePre), second-preimage resistance (Sec, aSec, eSec) and collision resistance (Coll). They also give all the implications and separations among the properties. In this paper we consider three additional security properties which are important in applications of hash functions: unforgeability (MAC), pseudo-random function (Prf) and pseudo-random oracle (Pro). We give a new type of the implication and separation between the security notions since the ones defined by Rogaway and Shrimpton were too constraining, and work out all the relationships among the ten security notions above. Some of the relations have been proven before, some of them appear to be new. We show that a property pseudo-random oracle (Pro) introduced by Coron, Dodis, Malinaud and Puniya is (as expected) the strongest one, since it implies almost all of the other properties.
- Martin Stanek (2)