246 lines
16 KiB
BibTeX
246 lines
16 KiB
BibTeX
|
||
@inproceedings{brendel_provable_2021,
|
||
address = {San Francisco, CA, USA},
|
||
title = {The {Provable} {Security} of {Ed25519}: {Theory} and {Practice}},
|
||
isbn = {978-1-72818-934-5},
|
||
shorttitle = {The {Provable} {Security} of {Ed25519}},
|
||
url = {https://ieeexplore.ieee.org/document/9519456/},
|
||
doi = {10.1109/SP40001.2021.00042},
|
||
abstract = {A standard requirement for a signature scheme is that it is existentially unforgeable under chosen message attacks (EUF-CMA), alongside other properties of interest such as strong unforgeability (SUF-CMA), and resilience against key substitution attacks.},
|
||
language = {en},
|
||
urldate = {2023-02-16},
|
||
booktitle = {2021 {IEEE} {Symposium} on {Security} and {Privacy} ({SP})},
|
||
publisher = {IEEE},
|
||
author = {Brendel, Jacqueline and Cremers, Cas and Jackson, Dennis and Zhao, Mang},
|
||
month = may,
|
||
year = {2021},
|
||
pages = {1659--1676},
|
||
file = {Brendel et al. - 2021 - The Provable Security of Ed25519 Theory and Pract.pdf:/home/rixxc/Zotero/storage/6I9NJFIX/Brendel et al. - 2021 - The Provable Security of Ed25519 Theory and Pract.pdf:application/pdf},
|
||
}
|
||
|
||
@techreport{moody_digital_2023,
|
||
address = {Gaithersburg, MD},
|
||
title = {Digital {Signature} {Standard} ({DSS})},
|
||
url = {https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf},
|
||
language = {en},
|
||
number = {NIST FIPS 186-5},
|
||
urldate = {2023-02-16},
|
||
institution = {National Institute of Standards and Technology},
|
||
author = {Moody, Dustin},
|
||
year = {2023},
|
||
doi = {10.6028/NIST.FIPS.186-5},
|
||
pages = {NIST FIPS 186--5},
|
||
file = {Moody - 2023 - Digital Signature Standard (DSS).pdf:/home/rixxc/Zotero/storage/5947EJ57/Moody - 2023 - Digital Signature Standard (DSS).pdf:application/pdf},
|
||
}
|
||
|
||
@article{bernstein_high-speed_nodate,
|
||
title = {High-speed high-security signatures},
|
||
abstract = {This paper shows that a \$390 mass-market quad-core 2.4GHz Intel Westmere (Xeon E5620) CPU can create 108000 signatures per second and verify 71000 signatures per second on an elliptic curve at a 2128 security level. Public keys are 32 bytes, and signatures are 64 bytes. These performance figures include strong defenses against software sidechannel attacks: there is no data flow from secret keys to array indices, and there is no data flow from secret keys to branch conditions.},
|
||
language = {en},
|
||
author = {Bernstein, Daniel J and Duif, Niels and Lange, Tanja and Schwabe, Peter and Yang, Bo-Yin},
|
||
file = {Bernstein et al. - High-speed high-security signatures.pdf:/home/rixxc/Zotero/storage/2JAYEHFU/Bernstein et al. - High-speed high-security signatures.pdf:application/pdf},
|
||
}
|
||
|
||
@article{bernstein_eddsa_nodate,
|
||
title = {{EdDSA} for more curves},
|
||
author = {Bernstein, Daniel J. and Josefsson, Simon and Lange, Tanja and Schwabe, Peter and Yang, Bo-Yin},
|
||
file = {eddsa-20150704.pdf:/home/rixxc/Zotero/storage/JK693Q38/eddsa-20150704.pdf:application/pdf},
|
||
}
|
||
|
||
@article{matt_algpseudocodex_nodate,
|
||
title = {Algpseudocodex {Package} {Documentation}},
|
||
abstract = {This package allows typesetting pseudocode in LATEX. It is based on algpseudocode from the algorithmicx package and uses the same syntax, but adds several new features and improvements. Notable features include customizable indent guide lines and the ability to draw boxes around parts of the code for highlighting differences. This package also has better support for long code lines spanning several lines and improved comments.},
|
||
language = {en},
|
||
author = {Matt, Christian},
|
||
file = {Matt - Algpseudocodex Package Documentation.pdf:/home/rixxc/Zotero/storage/G3AZ8PFR/Matt - Algpseudocodex Package Documentation.pdf:application/pdf},
|
||
}
|
||
|
||
@incollection{shacham_algebraic_2018,
|
||
address = {Cham},
|
||
title = {The {Algebraic} {Group} {Model} and its {Applications}},
|
||
volume = {10992},
|
||
isbn = {978-3-319-96880-3 978-3-319-96881-0},
|
||
url = {https://link.springer.com/10.1007/978-3-319-96881-0_2},
|
||
abstract = {One of the most important and successful tools for assessing hardness assumptions in cryptography is the Generic Group Model (GGM). Over the past two decades, numerous assumptions and protocols have been analyzed within this model. While a proof in the GGM can certainly provide some measure of confidence in an assumption, its scope is rather limited since it does not capture group-specific algorithms that make use of the representation of the group.},
|
||
language = {en},
|
||
urldate = {2023-02-17},
|
||
booktitle = {Advances in {Cryptology} – {CRYPTO} 2018},
|
||
publisher = {Springer International Publishing},
|
||
author = {Fuchsbauer, Georg and Kiltz, Eike and Loss, Julian},
|
||
editor = {Shacham, Hovav and Boldyreva, Alexandra},
|
||
year = {2018},
|
||
doi = {10.1007/978-3-319-96881-0_2},
|
||
note = {Series Title: Lecture Notes in Computer Science},
|
||
pages = {33--62},
|
||
file = {Fuchsbauer et al. - 2018 - The Algebraic Group Model and its Applications.pdf:/home/rixxc/Zotero/storage/K3GHQMRK/Fuchsbauer et al. - 2018 - The Algebraic Group Model and its Applications.pdf:application/pdf},
|
||
}
|
||
|
||
@techreport{josefsson_edwards-curve_2017,
|
||
type = {Request for {Comments}},
|
||
title = {Edwards-{Curve} {Digital} {Signature} {Algorithm} ({EdDSA})},
|
||
url = {https://datatracker.ietf.org/doc/rfc8032},
|
||
abstract = {This document describes elliptic curve signature scheme Edwards-curve Digital Signature Algorithm (EdDSA). The algorithm is instantiated with recommended parameters for the edwards25519 and edwards448 curves. An example implementation and test vectors are provided.},
|
||
number = {RFC 8032},
|
||
urldate = {2023-02-22},
|
||
institution = {Internet Engineering Task Force},
|
||
author = {Josefsson, Simon and Liusvaara, Ilari},
|
||
month = jan,
|
||
year = {2017},
|
||
doi = {10.17487/RFC8032},
|
||
note = {Num Pages: 60},
|
||
file = {Full Text PDF:/home/rixxc/Zotero/storage/U24MZYBY/Josefsson and Liusvaara - 2017 - Edwards-Curve Digital Signature Algorithm (EdDSA).pdf:application/pdf},
|
||
}
|
||
|
||
@article{bernstein_multi-user_nodate,
|
||
title = {Multi-user {Schnorr} security, revisited},
|
||
abstract = {Three recent proposals for standardization of next-generation ECC signatures have included “key prefixing” modifications to Schnorr’s signature system. Bernstein, Duif, Lange, Schwabe, and Yang stated in 2011 that key prefixing is “an inexpensive way to alleviate concerns that several public keys could be attacked simultaneously”.},
|
||
language = {en},
|
||
author = {Bernstein, Daniel J},
|
||
file = {Bernstein - Multi-user Schnorr security, revisited.pdf:/home/rixxc/Zotero/storage/KYQWEQIV/Bernstein - Multi-user Schnorr security, revisited.pdf:application/pdf},
|
||
}
|
||
|
||
@incollection{tibouchi_one-more_2021,
|
||
address = {Cham},
|
||
title = {The {One}-{More} {Discrete} {Logarithm} {Assumption} in the {Generic} {Group} {Model}},
|
||
volume = {13093},
|
||
isbn = {978-3-030-92067-8 978-3-030-92068-5},
|
||
url = {https://link.springer.com/10.1007/978-3-030-92068-5_20},
|
||
abstract = {The one more-discrete logarithm assumption (OMDL) underlies the security analysis of identification protocols, blind signature and multi-signature schemes, such as blind Schnorr signatures and the recent MuSig2 multi-signatures. As these schemes produce standard Schnorr signatures, they are compatible with existing systems, e.g. in the context of blockchains. OMDL is moreover assumed for many results on the impossibility of certain security reductions.},
|
||
language = {en},
|
||
urldate = {2023-02-24},
|
||
booktitle = {Advances in {Cryptology} – {ASIACRYPT} 2021},
|
||
publisher = {Springer International Publishing},
|
||
author = {Bauer, Balthazar and Fuchsbauer, Georg and Plouviez, Antoine},
|
||
editor = {Tibouchi, Mehdi and Wang, Huaxiong},
|
||
year = {2021},
|
||
doi = {10.1007/978-3-030-92068-5_20},
|
||
note = {Series Title: Lecture Notes in Computer Science},
|
||
pages = {587--617},
|
||
file = {Bauer et al. - 2021 - The One-More Discrete Logarithm Assumption in the .pdf:/home/rixxc/Zotero/storage/FQDR3E7V/Bauer et al. - 2021 - The One-More Discrete Logarithm Assumption in the .pdf:application/pdf},
|
||
}
|
||
|
||
@book{karpfinger_algebra_2021,
|
||
address = {Berlin, Heidelberg},
|
||
title = {Algebra: {Gruppen} - {Ringe} - {Körper}},
|
||
isbn = {978-3-662-61951-3 978-3-662-61952-0},
|
||
shorttitle = {Algebra},
|
||
url = {http://link.springer.com/10.1007/978-3-662-61952-0},
|
||
language = {de},
|
||
urldate = {2023-04-04},
|
||
publisher = {Springer},
|
||
author = {Karpfinger, Christian and Meyberg, Kurt},
|
||
year = {2021},
|
||
doi = {10.1007/978-3-662-61952-0},
|
||
keywords = {Galois-Theorie, Gruppentheorie, Körpertheorie, Lehrbuch, Lösung algebraischer Gleichungen, Prüfungsvorbereitung, Reziprozitätsgesetz, Ringtheorie, Zahlentheorie},
|
||
file = {Full Text PDF:/home/rixxc/Zotero/storage/HVWL6D9I/Karpfinger and Meyberg - 2021 - Algebra Gruppen - Ringe - Körper.pdf:application/pdf},
|
||
}
|
||
|
||
@incollection{karpfinger_hauptsatz_2021,
|
||
address = {Berlin, Heidelberg},
|
||
title = {Der {Hauptsatz} über endliche abelsche {Gruppen}},
|
||
isbn = {978-3-662-61952-0},
|
||
url = {https://doi.org/10.1007/978-3-662-61952-0_10},
|
||
abstract = {Das Ziel dieses Kapitels ist es, die endlichen abelschen Gruppen zu klassifizieren. Wir zeigen, dass jede endliche abelsche Gruppe inneres direktes Produkt zyklischer Gruppen ist, genauer: Ist G eine endliche abelsche Gruppe, so gibt es nicht notwendig verschiedene Primzahlen \$\$p\_1 ,{\textbackslash}ldots ,{\textbackslash},p\_r\$\$p1,…,prund natürliche Zahlen \$\${\textbackslash}nu \_1 ,{\textbackslash}ldots ,{\textbackslash},{\textbackslash}nu \_r\$\$ν1,…,νr, so dass \$\$G {\textbackslash}cong \{{\textbackslash}mathbb \{Z\}\}/\{p\_1{\textasciicircum}\{{\textbackslash}nu \_1\}\} {\textbackslash}times {\textbackslash}cdots {\textbackslash}times \{{\textbackslash}mathbb \{Z\}\}/\{p\_r{\textasciicircum}\{{\textbackslash}nu \_r\}\}\$\$G≅Z/p1ν1×⋯×Z/prνr. Wir erreichen eine vollständige Übersicht über alle endlichen abelschen Gruppen.},
|
||
language = {de},
|
||
urldate = {2023-04-04},
|
||
booktitle = {Algebra: {Gruppen} - {Ringe} - {Körper}},
|
||
publisher = {Springer},
|
||
author = {Karpfinger, Christian and Meyberg, Kurt},
|
||
editor = {Karpfinger, Christian and Meyberg, Kurt},
|
||
year = {2021},
|
||
doi = {10.1007/978-3-662-61952-0_10},
|
||
pages = {143--149},
|
||
file = {Full Text PDF:/home/rixxc/Zotero/storage/WXIHFNNT/Karpfinger and Meyberg - 2021 - Der Hauptsatz über endliche abelsche Gruppen.pdf:application/pdf},
|
||
}
|
||
|
||
@incollection{karpfinger_direkte_2021,
|
||
address = {Berlin, Heidelberg},
|
||
title = {Direkte und semidirekte {Produkte}},
|
||
isbn = {978-3-662-61952-0},
|
||
url = {https://doi.org/10.1007/978-3-662-61952-0_6},
|
||
abstract = {In Kap. 5wurden sämtliche zyklische Gruppen bestimmt. Um nun weitere Klassen von Gruppen klassifizieren können, versuchen wir, die im Allgemeinen sehr komplexen Gruppen in Produkte von kleineren oder einfacheren Gruppen zu zerlegen.},
|
||
language = {de},
|
||
urldate = {2023-04-04},
|
||
booktitle = {Algebra: {Gruppen} - {Ringe} - {Körper}},
|
||
publisher = {Springer},
|
||
author = {Karpfinger, Christian and Meyberg, Kurt},
|
||
editor = {Karpfinger, Christian and Meyberg, Kurt},
|
||
year = {2021},
|
||
doi = {10.1007/978-3-662-61952-0_6},
|
||
pages = {83--102},
|
||
file = {Full Text PDF:/home/rixxc/Zotero/storage/A3Y23M69/Karpfinger and Meyberg - 2021 - Direkte und semidirekte Produkte.pdf:application/pdf},
|
||
}
|
||
|
||
@incollection{karpfinger_satze_2021,
|
||
address = {Berlin, Heidelberg},
|
||
title = {Die {Sätze} von {Sylow}},
|
||
isbn = {978-3-662-61952-0},
|
||
url = {https://doi.org/10.1007/978-3-662-61952-0_8},
|
||
abstract = {Die Sylow’schen Sätzen enthalten Aussagen über die Existenz und Anzahl von p-Untergruppen einer endlichen Gruppe. Diese Sätze sind Grundstein für die gesamte Strukturtheorie endlicher Gruppen.},
|
||
language = {de},
|
||
urldate = {2023-04-04},
|
||
booktitle = {Algebra: {Gruppen} - {Ringe} - {Körper}},
|
||
publisher = {Springer},
|
||
author = {Karpfinger, Christian and Meyberg, Kurt},
|
||
editor = {Karpfinger, Christian and Meyberg, Kurt},
|
||
year = {2021},
|
||
doi = {10.1007/978-3-662-61952-0_8},
|
||
pages = {115--129},
|
||
file = {Full Text PDF:/home/rixxc/Zotero/storage/WKJLTLKJ/Karpfinger and Meyberg - 2021 - Die Sätze von Sylow.pdf:application/pdf},
|
||
}
|
||
|
||
@incollection{hutchison_exact_2012,
|
||
address = {Berlin, Heidelberg},
|
||
title = {On the {Exact} {Security} of {Schnorr}-{Type} {Signatures} in the {Random} {Oracle} {Model}},
|
||
volume = {7237},
|
||
isbn = {978-3-642-29010-7 978-3-642-29011-4},
|
||
url = {http://link.springer.com/10.1007/978-3-642-29011-4_33},
|
||
abstract = {The Schnorr signature scheme has been known to be provably secure in the Random Oracle Model under the Discrete Logarithm (DL) assumption since the work of Pointcheval and Stern (EUROCRYPT ’96), at the price of a very loose reduction though: if there is a forger making at most qh random oracle queries, and forging signatures with probability εF , then the Forking Lemma tells that one can compute discrete logarithms with constant probability by rewinding the forger O(qh/εF ) times. In other words, the security reduction loses a factor O(qh) in its time-to-success ratio. This is rather unsatisfactory since qh may be quite large. Yet Paillier and Vergnaud (ASIACRYPT 2005) later showed that under the One More Discrete Logarithm (OMDL) assumption, any algebraic reduction must lose a factor at least qh1/2 in its time-to-success ratio. This was later improved by Garg et al. (CRYPTO 2008) to a factor qh2/3. Up to now, the gap between qh2/3 and qh remained open. In this paper, we show that the security proof using the Forking Lemma is essentially the best possible. Namely, under the OMDL assumption, any algebraic reduction must lose a factor f (εF )qh in its time-to-success ratio, where f ≤ 1 is a function that remains close to 1 as long as εF is noticeably smaller than 1. Using a formulation in terms of expected-time and queries algorithms, we obtain an optimal loss factor Ω(qh), independently of εF . These results apply to other signature schemes based on one-way group homomorphisms, such as the Guillou-Quisquater signature scheme.},
|
||
language = {en},
|
||
urldate = {2023-04-30},
|
||
booktitle = {Advances in {Cryptology} – {EUROCRYPT} 2012},
|
||
publisher = {Springer Berlin Heidelberg},
|
||
author = {Seurin, Yannick},
|
||
editor = {Hutchison, David and Kanade, Takeo and Kittler, Josef and Kleinberg, Jon M. and Mattern, Friedemann and Mitchell, John C. and Naor, Moni and Nierstrasz, Oscar and Pandu Rangan, C. and Steffen, Bernhard and Sudan, Madhu and Terzopoulos, Demetri and Tygar, Doug and Vardi, Moshe Y. and Weikum, Gerhard and Pointcheval, David and Johansson, Thomas},
|
||
year = {2012},
|
||
doi = {10.1007/978-3-642-29011-4_33},
|
||
note = {Series Title: Lecture Notes in Computer Science},
|
||
pages = {554--571},
|
||
file = {Seurin - 2012 - On the Exact Security of Schnorr-Type Signatures i.pdf:/home/rixxc/Zotero/storage/5CWR5JYA/Seurin - 2012 - On the Exact Security of Schnorr-Type Signatures i.pdf:application/pdf},
|
||
}
|
||
|
||
@article{schwartz_fast_1980,
|
||
title = {Fast {Probabilistic} {Algorithms} for {Verification} of {Polynomial} {Identities}},
|
||
volume = {27},
|
||
issn = {0004-5411},
|
||
url = {https://dl.acm.org/doi/10.1145/322217.322225},
|
||
doi = {10.1145/322217.322225},
|
||
number = {4},
|
||
urldate = {2023-05-08},
|
||
journal = {Journal of the ACM},
|
||
author = {Schwartz, J. T.},
|
||
month = oct,
|
||
year = {1980},
|
||
pages = {701--717},
|
||
file = {Full Text PDF:/home/rixxc/Zotero/storage/9XIETZ49/Schwartz - 1980 - Fast Probabilistic Algorithms for Verification of .pdf:application/pdf},
|
||
}
|
||
|
||
@article{galbraith_public_2002,
|
||
title = {Public key signatures in the multi-user setting},
|
||
volume = {83},
|
||
issn = {0020-0190},
|
||
url = {https://www.sciencedirect.com/science/article/pii/S0020019001003386},
|
||
doi = {10.1016/S0020-0190(01)00338-6},
|
||
abstract = {This paper addresses the security of public key signature schemes in a “multi-user” setting. We bound the advantage of an adversary in producing an existential forgery on any one of a set of target public keys by the advantage of an adversary in producing an existential forgery on a single public key for any public key signature algorithm. We then improve the concrete security of this general reduction for certain specific discrete logarithm based signature algorithms such as that of Schnorr.},
|
||
language = {en},
|
||
number = {5},
|
||
urldate = {2023-06-21},
|
||
journal = {Information Processing Letters},
|
||
author = {Galbraith, S. and Malone-Lee, J. and Smart, N. P.},
|
||
month = sep,
|
||
year = {2002},
|
||
keywords = {Cryptography, Digital signatures, Provable security},
|
||
pages = {263--266},
|
||
file = {ScienceDirect Full Text PDF:/home/rixxc/Zotero/storage/Y9TGWX5X/Galbraith et al. - 2002 - Public key signatures in the multi-user setting.pdf:application/pdf;ScienceDirect Snapshot:/home/rixxc/Zotero/storage/G84HRF8K/S0020019001003386.html:text/html},
|
||
}
|