{"id":"https://openalex.org/W2537351364","doi":"https://doi.org/10.1145/2976749.2978413","title":"On the Provable Security of (EC)DSA Signatures","display_name":"On the Provable Security of (EC)DSA Signatures","publication_year":2016,"publication_date":"2016-10-24","ids":{"openalex":"https://openalex.org/W2537351364","doi":"https://doi.org/10.1145/2976749.2978413","mag":"2537351364"},"language":"en","primary_location":{"id":"doi:10.1145/2976749.2978413","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2976749.2978413","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5028495552","display_name":"Manuel Fersch","orcid":null},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Manuel Fersch","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002016815","display_name":"Eike Kiltz","orcid":"https://orcid.org/0000-0003-1178-048X"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Eike Kiltz","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5005389283","display_name":"Bertram Poettering","orcid":"https://orcid.org/0000-0001-6525-5141"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Bertram Poettering","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5028495552"],"corresponding_institution_ids":["https://openalex.org/I904495901"],"apc_list":null,"apc_paid":null,"fwci":2.2184,"has_fulltext":false,"cited_by_count":47,"citation_normalized_percentile":{"value":0.91122916,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1651","last_page":"1662"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11693","display_name":"Cryptography and Residue Arithmetic","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9919999837875366,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/elliptic-curve-digital-signature-algorithm","display_name":"Elliptic Curve Digital Signature Algorithm","score":0.7294237613677979},{"id":"https://openalex.org/keywords/random-oracle","display_name":"Random oracle","score":0.7108508348464966},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6695572733879089},{"id":"https://openalex.org/keywords/concrete-security","display_name":"Concrete security","score":0.6374979019165039},{"id":"https://openalex.org/keywords/provable-security","display_name":"Provable security","score":0.5520827174186707},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.533833920955658},{"id":"https://openalex.org/keywords/digital-signature","display_name":"Digital signature","score":0.4914973974227905},{"id":"https://openalex.org/keywords/elgamal-signature-scheme","display_name":"ElGamal signature scheme","score":0.4888014495372772},{"id":"https://openalex.org/keywords/schnorr-signature","display_name":"Schnorr signature","score":0.4652728736400604},{"id":"https://openalex.org/keywords/discrete-logarithm","display_name":"Discrete logarithm","score":0.44598379731178284},{"id":"https://openalex.org/keywords/public-key-cryptography","display_name":"Public-key cryptography","score":0.4309428036212921},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.4305543899536133},{"id":"https://openalex.org/keywords/merkle-signature-scheme","display_name":"Merkle signature scheme","score":0.4246494174003601},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.3085116147994995},{"id":"https://openalex.org/keywords/elliptic-curve-cryptography","display_name":"Elliptic curve cryptography","score":0.2992393970489502},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.23213618993759155},{"id":"https://openalex.org/keywords/hash-function","display_name":"Hash function","score":0.19373783469200134},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.19240015745162964},{"id":"https://openalex.org/keywords/blind-signature","display_name":"Blind signature","score":0.18965664505958557}],"concepts":[{"id":"https://openalex.org/C197966572","wikidata":"https://www.wikidata.org/wiki/Q915079","display_name":"Elliptic Curve Digital Signature Algorithm","level":5,"score":0.7294237613677979},{"id":"https://openalex.org/C94284585","wikidata":"https://www.wikidata.org/wiki/Q228184","display_name":"Random oracle","level":4,"score":0.7108508348464966},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6695572733879089},{"id":"https://openalex.org/C147343967","wikidata":"https://www.wikidata.org/wiki/Q5159078","display_name":"Concrete security","level":3,"score":0.6374979019165039},{"id":"https://openalex.org/C131672422","wikidata":"https://www.wikidata.org/wiki/Q852594","display_name":"Provable security","level":3,"score":0.5520827174186707},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.533833920955658},{"id":"https://openalex.org/C118463975","wikidata":"https://www.wikidata.org/wiki/Q220849","display_name":"Digital signature","level":3,"score":0.4914973974227905},{"id":"https://openalex.org/C132860680","wikidata":"https://www.wikidata.org/wiki/Q1328731","display_name":"ElGamal signature scheme","level":5,"score":0.4888014495372772},{"id":"https://openalex.org/C124968333","wikidata":"https://www.wikidata.org/wiki/Q1465057","display_name":"Schnorr signature","level":5,"score":0.4652728736400604},{"id":"https://openalex.org/C173259116","wikidata":"https://www.wikidata.org/wiki/Q864003","display_name":"Discrete logarithm","level":4,"score":0.44598379731178284},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.4309428036212921},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.4305543899536133},{"id":"https://openalex.org/C40404285","wikidata":"https://www.wikidata.org/wiki/Q1921816","display_name":"Merkle signature scheme","level":5,"score":0.4246494174003601},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.3085116147994995},{"id":"https://openalex.org/C167615521","wikidata":"https://www.wikidata.org/wiki/Q1048911","display_name":"Elliptic curve cryptography","level":4,"score":0.2992393970489502},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.23213618993759155},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.19373783469200134},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.19240015745162964},{"id":"https://openalex.org/C18899389","wikidata":"https://www.wikidata.org/wiki/Q2736593","display_name":"Blind signature","level":4,"score":0.18965664505958557}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2976749.2978413","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2976749.2978413","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4699999988079071,"id":"https://metadata.un.org/sdg/17","display_name":"Partnerships for the goals"}],"awards":[{"id":"https://openalex.org/G8558616852","display_name":null,"funder_award_id":"FP7/615074","funder_id":"https://openalex.org/F4320334678","funder_display_name":"European Research Council"}],"funders":[{"id":"https://openalex.org/F4320334678","display_name":"European Research Council","ror":"https://ror.org/0472cxd90"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W28380714","https://openalex.org/W1481916315","https://openalex.org/W1485287820","https://openalex.org/W1486198410","https://openalex.org/W1490394993","https://openalex.org/W1493159015","https://openalex.org/W1495058159","https://openalex.org/W1520399166","https://openalex.org/W1551515158","https://openalex.org/W1581994447","https://openalex.org/W2019213727","https://openalex.org/W2025322090","https://openalex.org/W2055681219","https://openalex.org/W2132233293","https://openalex.org/W2137848579","https://openalex.org/W2164736940","https://openalex.org/W2164988972","https://openalex.org/W2165447539","https://openalex.org/W2166462813","https://openalex.org/W2236033450","https://openalex.org/W2254419831","https://openalex.org/W2402348701","https://openalex.org/W3098180686","https://openalex.org/W3100687292","https://openalex.org/W4235145684","https://openalex.org/W4285719527","https://openalex.org/W6629399456"],"related_works":["https://openalex.org/W2086410811","https://openalex.org/W2154896321","https://openalex.org/W1977557159","https://openalex.org/W1589318310","https://openalex.org/W2380518356","https://openalex.org/W1486198410","https://openalex.org/W1526844866","https://openalex.org/W2610688825","https://openalex.org/W2949719470","https://openalex.org/W1606603454"],"abstract_inverted_index":{"Among":[0],"the":[1,10,43,66,73,93,110,123,140,170,192,197,212],"signature":[2,156],"schemes":[3,144],"most":[4],"widely":[5],"deployed":[6],"in":[7,24,39,65,97,109,164,191,221],"practice":[8],"are":[9,22,135],"DSA":[11,161],"(Digital":[12],"Signature":[13],"Algorithm)":[14],"and":[15,33,162,195],"its":[16],"elliptic":[17],"curves":[18],"variant":[19],"ECDSA.":[20],"They":[21],"represented":[23],"many":[25],"international":[26],"standards,":[27],"including":[28],"IEEE":[29],"P1363,":[30],"ANSI":[31],"X9.62,":[32],"FIPS":[34],"186-4.":[35],"Their":[36],"popularity":[37],"stands":[38],"stark":[40],"contrast":[41],"to":[42,92],"absence":[44],"of":[45,55,62,78,95,118,142,175,180,214],"rigorous":[46],"security":[47,60,94,141,213],"analyses:":[48],"Previous":[49],"works":[50,71],"either":[51],"study":[52],"modified":[53],"versions":[54],"(EC)DSA":[56,176,222],"or":[57],"provide":[58],"a":[59,120,155,178,203],"analysis":[61],"unmodified":[63,165],"ECDSA":[64,96,163],"generic":[67,82,111,236],"group":[68,112,237],"model.":[69],"Unfortunately,":[70],"following":[72],"latter":[74],"approach":[75],"assume":[76,235],"abstractions":[77],"non-algebraic":[79],"functions":[80,187],"over":[81],"groups":[83],"for":[84,137],"which":[85],"it":[86,101],"remains":[87,145],"unclear":[88],"how":[89],"they":[90],"translate":[91],"practice.":[98],"For":[99],"instance,":[100],"has":[102],"been":[103],"pointed":[104],"out":[105],"that":[106,122,158,216,218],"prior":[107],"results":[108,134,210],"model":[113],"actually":[114],"establish":[115],"strong":[116],"unforgeability":[117],"ECDSA,":[119],"property":[121],"scheme":[124],"de":[125],"facto":[126],"does":[127],"not":[128,234],"possess.":[129],"As,":[130],"further,":[131],"no":[132],"formal":[133],"known":[136],"DSA,":[138],"understanding":[139],"both":[143,160],"an":[146],"open":[147],"problem.":[148],"In":[149],"this":[150],"work":[151],"we":[152],"propose":[153],"GenericDSA,":[154],"framework":[157],"subsumes":[159],"form.":[166],"It":[167],"carefully":[168],"models":[169],"\"modulo":[171],"q\"":[172],"conversion":[173],"function":[174],"as":[177,202,224,226],"composition":[179],"three":[181],"independent":[182],"functions.":[183],"The":[184],"two":[185],"outer":[186],"mimic":[188],"algebraic":[189],"properties":[190],"function's":[193],"domain":[194],"range,":[196],"inner":[198],"one":[199],"is":[200,223],"modeled":[201],"bijective":[204],"random":[205],"oracle.":[206],"We":[207],"rigorously":[208],"prove":[209],"on":[211],"GenericDSA":[215],"indicate":[217],"forging":[219],"signatures":[220],"hard":[225],"solving":[227],"discrete":[228],"logarithms.":[229],"Importantly,":[230],"our":[231],"proofs":[232],"do":[233],"behavior.":[238]},"counts_by_year":[{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":8},{"year":2023,"cited_by_count":7},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":10},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":1}],"updated_date":"2026-03-17T09:09:15.849793","created_date":"2025-10-10T00:00:00"}