We show lower bounds for the signature size of incremental schemes which are secure against substitution attacks and support single block replacement. We prove that for documents of n blocks such schemes produce signatures of \Omega(n^(1/(2+c))) bits for any constant c>0. For schemes accessing only a single block resp. a constant number of blocks for each replacement this bound can be raised to \Omega(n) resp. \Omega(sqrt(n)). Additionally, we show that our technique yields a new lower bound for memory checkers
This paper provides new combinatorial bounds and characterizations of authentication codes (A-codes)...
International audienceKabastianskii, Krouk and Smeets proposed in 1997 a digital signature scheme ba...
In a digital signature scheme with message recovery, rather than transmitting the message $m$ and it...
We show lower bounds for the signature size of incremental schemes which are secure against substitu...
We introduce the relationship between incremental cryptography and memory checkers. We present an in...
AbstractIn anonymous secret sharing schemes, the secret can be reconstructed without knowledge of wh...
Threshold schemes are well-studied cryptographic primitives for distributing information among a num...
Abstract. Despite considerable research efforts, no efficient reduction from the discrete log proble...
The article proposes new digital signature schemes based on difficulty of simultaneous solving integ...
This work contributes to two independent topics: (1) Provably secure and efficient signature schemes...
In digital signature schemes based on the zero-knowledge concept, it has been claimed that the lengt...
In a digital signature scheme with message recovery, rather than transmitting the message m and its ...
In a digital signature scheme with message recovery, rather than transmitting the message m and its ...
Abstract. Digital signatures whose security does not rely on any unproven computational assumption h...
We present a polynomial-time algorithm that provably recovers the signer's secret DSA key when a few...
This paper provides new combinatorial bounds and characterizations of authentication codes (A-codes)...
International audienceKabastianskii, Krouk and Smeets proposed in 1997 a digital signature scheme ba...
In a digital signature scheme with message recovery, rather than transmitting the message $m$ and it...
We show lower bounds for the signature size of incremental schemes which are secure against substitu...
We introduce the relationship between incremental cryptography and memory checkers. We present an in...
AbstractIn anonymous secret sharing schemes, the secret can be reconstructed without knowledge of wh...
Threshold schemes are well-studied cryptographic primitives for distributing information among a num...
Abstract. Despite considerable research efforts, no efficient reduction from the discrete log proble...
The article proposes new digital signature schemes based on difficulty of simultaneous solving integ...
This work contributes to two independent topics: (1) Provably secure and efficient signature schemes...
In digital signature schemes based on the zero-knowledge concept, it has been claimed that the lengt...
In a digital signature scheme with message recovery, rather than transmitting the message m and its ...
In a digital signature scheme with message recovery, rather than transmitting the message m and its ...
Abstract. Digital signatures whose security does not rely on any unproven computational assumption h...
We present a polynomial-time algorithm that provably recovers the signer's secret DSA key when a few...
This paper provides new combinatorial bounds and characterizations of authentication codes (A-codes)...
International audienceKabastianskii, Krouk and Smeets proposed in 1997 a digital signature scheme ba...
In a digital signature scheme with message recovery, rather than transmitting the message $m$ and it...