Changes between Version 53 and Version 54 of Bibliography


Ignore:
Timestamp:
2010-06-23T00:22:03Z (15 years ago)
Author:
zooko
Comment:

add notes about hash-based sigs

Legend:

Unmodified
Added
Removed
Modified
  • Bibliography

    v53 v54  
    2424=== Public Key Cryptography ===
    2525
    26 [http://www.cs.umd.edu/~jkatz/papers/dh-sigs-full.pdf Efficient Signature Schemes with Tight Reductions to the Diffie-Hellman Problems] Scheme 1 in this paper comes with a tight reduction to the Computational Diffie-Hellman problem, which means it is definitely at least as secure as any discrete-log-based scheme and could be more secure. It also has a good pedigree (having been suggested by David Chaum et al. in 1989 and having been proven to tightly reduce to Computational Diffie-Hellman by Katz et al. in 2003). It also has a nice short public key, which could be good for fitting it into our capability security schemes.
     26==== Hash-Based Digital Signatures ====
     27
     28[http://www.cdc.informatik.tu-darmstadt.de/~dahmen/papers/hashbasedcrypto.pdf Hash-based Digital Signature Schemes] by Buchmann, Dahmen, and Szydlo; A survey of why it might be a good idea.
     29
     30[https://www.minicrypt.cdc.informatik.tu-darmstadt.de/reports/reports/REDBP08.pdf Fast Hash-Based Signatures on Constrained Devices] by Rohde, Eisenbarth, Dahmen, Buchmann, and Paar; a case study of implementing hash-based digital signatures for a 8-bit microcontroller. Their implementation had some trade-offs that we wouldn't want: it is a "key-evolving" design (the signer has to maintain state in order to avoid a security failure), it can only handle a limited number of signatures, and they spent a lot of time in key generation. Hm, I can't find this in their paper now, but I thought that last time I read it I saw that they spent more than an hour (!!) generating each key on a PC! On the other hand, the result is a digital signature scheme which is faster and arguably safer than RSA or ECDSA on their 8-bit microcontroller.
    2731
    2832=== Elliptic Curve Cryptography ===
     
    8185These are some references which are less interesting or relevant than the ones above.
    8286
     87=== Public Key Cryptography ===
     88
     89[http://www.cs.umd.edu/~jkatz/papers/dh-sigs-full.pdf Efficient Signature Schemes with Tight Reductions to the Diffie-Hellman Problems] Scheme 1 in this paper comes with a tight reduction to the Computational Diffie-Hellman problem, which means it is definitely at least as secure as any discrete-log-based scheme and could be more secure. It also has a good pedigree (having been suggested by David Chaum et al. in 1989 and having been proven to tightly reduce to Computational Diffie-Hellman by Katz et al. in 2003). It also has a nice short public key, which could be good for fitting it into our capability security schemes.
     90
     91=== Miscellaneous ===
     92
    8393[http://citeseer.ist.psu.edu/mislove03post.html POST: A Secure, Resilient, Cooperative Messaging System] -- use a DHT for messaging; includes a suggestion to ameliorate the confidentiality problems of single-instance store by adding random bits to small text messages
    8494