On the unforgeability of the Chaum — Pedersen blind signature scheme
Prikladnaâ diskretnaâ matematika, no. 3 (2024), pp. 41-65.


The paper is devoted to the analysis of the unforgeability property of the Chaum — Pedersen blind signature scheme in the case where an adversary is able to initiate parallel sessions of the signature generation protocol. It is shown that the scheme does not ensure strong unforgeability, i.e., it allows forgeries to be created for “old” messages that were legitimately signed. An analysis of the weak unforgeability property (where the adversary's task is to create a forgery for a new message) is also conducted. Using the reduction method, we obtain a security bound for the weak unforgeability property in the algebraic group model and the random oracle model. This bound identifies the base problems whose complexity underpins the security of the scheme.
Keywords: blind signature scheme, Chaum — Pedersen blind signature, ROS attack.
@article{PDM_2024_3_a2,
     author = {L. R. Akhmetzyanova and A. A. Babueva},
     title = {On the unforgeability of the {Chaum~---} {Pedersen} blind~signature scheme},
     journal = {Prikladna\^a diskretna\^a matematika},
     pages = {41--65},
     publisher = {mathdoc},
     number = {3},
     year = {2024},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/PDM_2024_3_a2/}
}
L. R. Akhmetzyanova; A. A. Babueva. On the unforgeability of the Chaum — Pedersen blind signature scheme. Prikladnaâ diskretnaâ matematika, no. 3 (2024), pp. 41-65. http://geodesic.mathdoc.fr/item/PDM_2024_3_a2/
