# Security Difference between DSA and Schnorr's Signature

@article{Cao2009SecurityDB, title={Security Difference between DSA and Schnorr's Signature}, author={Zhengjun Cao and Olivier Markowitch}, journal={2009 International Conference on Networks Security, Wireless Communications and Trusted Computing}, year={2009}, volume={2}, pages={201-204} }

We investigate the security difference between DSA and Schnorr's signature. The security of DSA can be reduced to the problem: to find $m\in \Omega, \rho, \theta\in \mathcal {Z}_q^*$ such that $\mathcal {H}(m) =\rho\left((g^{\rho}y)^{\theta}\, \mbox{mod}\, p\right) \,\mbox{mod}\, q$,where $\Omega $ denotes the text space and the message$m$ is not restrained. Unlike DSA evaluates the hash function only at the message $m$, Schnorr's signature adopts a self-feedback mode by evaluating the hash… Expand

#### Tables and Topics from this paper

#### 3 Citations

Implementation and adaptation of the Pseudonymous PKI for Ubiquitous Computing for Car-2-Car Communication

- Computer Science
- Automotive - Safety & Security
- 2014

It is argued that the PPKI fulfils the security challenges of Car-2-Car communication and has advantages over a classical PKI. Expand

#### References

SHOWING 1-10 OF 17 REFERENCES

The Security of DSA and ECDSA Bypassing the Standard Elliptic Curve Certification Scheme

- Computer Science
- 2002

It is shown that one may be able to maliciously choose an elliptic curve for ECDSA despite the standard validation scheme, which demonstrates that some part of the standard is not well designed. Expand

Discrete-Log-Based Signatures May Not Be Equivalent to Discrete Log

- Mathematics, Computer Science
- ASIACRYPT
- 2005

We provide evidence that the unforgeability of several discrete-log based signatures like Schnorr signatures cannot be equivalent to the discrete log problem in the standard model. This contradicts… Expand

Security Proofs for Signature Schemes

- Mathematics, Computer Science
- EUROCRYPT
- 1996

This paper establishes the generality of this technique against adaptively chosen message attacks and achieves such a security proof for a slight variant of the El Garrial signature schemc where committed values are hashed together with the message. Expand

Hidden Collisions on DSS

- Computer Science
- CRYPTO
- 1996

This work explains how to forge public parameters for the Digital Signature Standard with two known messages which always produce the same set of valid signatures, and presents a similar attack when using this generation algorithm within a complexity 274. Expand

Efficient signature generation by smart cards

- Mathematics, Computer Science
- Journal of Cryptology
- 2004

An efficient algorithm that preprocesses the exponentiation of a random residue modulo p is presented, which improves the ElGamal signature scheme in the speed of the procedures for the generation and the verification of signatures and also in the bit length of signatures. Expand

Another Look at "Provable Security"

- Computer Science
- Journal of Cryptology
- 2005

It is argued that the theorem-proof paradigm of theoretical mathematics is often of limited relevance here and frequently leads to papers that are confusing and misleading. Expand

Lower Bounds for Discrete Logarithms and Related Problems

- Mathematics, Computer Science
- EUROCRYPT
- 1997

Lower bounds on the complexity of the discrete logarithm and related problems are proved that match the known upper bounds: any generic algorithm must perform Ω(p1/2) group operations, where p is the largest prime dividing the order of the group. Expand

A public key cryptosystem and a signature scheme based on discrete logarithms

- Mathematics
- CRYPTO 1985
- 1985

A new signature scheme is proposed, together with an implementation of the Diffie-Hellman key distribution scheme that achieves a public key cryptosystem. The security of both systems relies on the… Expand

Finding Collisions in the Full SHA-1

- Computer Science
- CRYPTO
- 2005

This is the first attack on the full 80-step SHA-1 with complexity less than the 280 theoretical bound, and it is shown that collisions ofSHA-1 can be found with complexityLess than 269 hash operations. Expand

Applied cryptography - protocols, algorithms, and source code in C, 2nd Edition

- Computer Science
- 1993

This document describes the construction of protocols and their use in the real world, as well as some examples of protocols used in the virtual world. Expand