Geodesic
Security properties of one “short” signature scheme
Matematičeskie voprosy kriptografii, Tome 13 (2022) no. 2, pp. 53-64 
A. M. Guselev. Security properties of one “short” signature scheme. Matematičeskie voprosy kriptografii, Tome 13 (2022) no. 2, pp. 53-64. http://geodesic.mathdoc.fr/item/MVK_2022_13_2_a4/
@article{MVK_2022_13_2_a4,
     author = {A. M. Guselev},
     title = {Security properties of one {{\cyrv}{\CYRDJE}{\cyrnje}short{\cyrv}{\CYRDJE}{\`\cyrk}} signature scheme},
     journal = {Matemati\v{c}eskie voprosy kriptografii},
     pages = {53--64},
     year = {2022},
     volume = {13},
     number = {2},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/MVK_2022_13_2_a4/}
}
TY  - JOUR
AU  - A. M. Guselev
TI  - Security properties of one “short” signature scheme
JO  - Matematičeskie voprosy kriptografii
PY  - 2022
SP  - 53
EP  - 64
VL  - 13
IS  - 2
UR  - http://geodesic.mathdoc.fr/item/MVK_2022_13_2_a4/
LA  - en
ID  - MVK_2022_13_2_a4
ER  - 
%0 Journal Article
%A A. M. Guselev
%T Security properties of one “short” signature scheme
%J Matematičeskie voprosy kriptografii
%D 2022
%P 53-64
%V 13
%N 2
%U http://geodesic.mathdoc.fr/item/MVK_2022_13_2_a4/
%G en
%F MVK_2022_13_2_a4

Voir la notice de l'article provenant de la source Math-Net.Ru

At CTCrypt 2020 workshop a "short" digital signature scheme was presented. The scheme was made up by three modifications of the scheme described in GOST R 34.10-2012. The security of the "short" signature scheme was considered from the provable security point of view. However no practical variants to attack the scheme were presented, the particular level of bit security was not estimated. In this article we discuss the influence of signature shortening on the security of suggested schemes. Several attacks based on the modifications are presented. Characteristics of the attacks are used to estimate the bit security of the "short" signature scheme.

[1] Akhmetzyanova L. R., Alekseev E. K., Babueva A. A., Smyshlyaev S. V., “On methods of shortening ElGamal-type signatures”, Matematicheskie Voprosy Kriptografii, 12:2 (2021), 75–91 (In Russian) | DOI | MR | Zbl

[2] GOST R 34.10-2012. Information technology. Cryptographic data security. Signature and verification processes of electronic digital signature, National standard of the Russian Federation, STANDARTINFORM, 2012 (In Russian)

[3] ElGamal T., “A public key cryptosystem and a signature scheme based on discrete logarithms”, IEEE Trans. Inf. Theory, 31 (1985), 469-472 | DOI | MR | Zbl

[4] Guselev A. M., “Application of the lattice theory to the analysis of digital signature schemes”, Matematicheskie Voprosy Kriptografii, 9:4 (2018), 73–84 (In Russian) | DOI | MR | Zbl

[5] Fersch M., Kiltz E., Poettering B., “On the provable security of (EC)DSA signatures”, Proc. 2016 ACM SIGSAC Conf. Computer Commun. Secur., 2016, 1651–1662 | DOI

[6] Schnorr C., “Efficient identification and signatures for smart cards”, CRYPTO'89, Lect. Notes Comput. Sci., 435, 1989, 239–252 | DOI | MR

[7] Pointcheval D., Stern J., “Security arguments for digital signatures and blind signatures”, J. Cryptology, 13:3 (2000), 361–396 | DOI | Zbl