{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,7]],"date-time":"2026-05-07T04:29:39Z","timestamp":1778128179745,"version":"3.51.4"},"publisher-location":"Cham","reference-count":59,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030920678","type":"print"},{"value":"9783030920685","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-92068-5_20","type":"book-chapter","created":{"date-parts":[[2021,11,30]],"date-time":"2021-11-30T20:34:17Z","timestamp":1638304457000},"page":"587-617","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":23,"title":["The One-More Discrete Logarithm Assumption in\u00a0the\u00a0Generic Group Model"],"prefix":"10.1007","author":[{"given":"Balthazar","family":"Bauer","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Georg","family":"Fuchsbauer","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Antoine","family":"Plouviez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,12,1]]},"reference":[{"issue":"2","key":"20_CR1","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1007\/s00145-007-9005-7","volume":"21","author":"D Boneh","year":"2008","unstructured":"Boneh, D., Boyen, X.: Short signatures without random oracles and the SDH assumption in bilinear groups. J. Cryptol. 21(2), 149\u2013177 (2008)","journal-title":"J. Cryptol."},{"key":"20_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"440","DOI":"10.1007\/11426639_26","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"D Boneh","year":"2005","unstructured":"Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440\u2013456. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11426639_26"},{"key":"20_CR3","doi-asserted-by":"crossref","unstructured":"Bagherzandi, A., Cheon, J.H., Jarecki, S.: Multisignatures secure under the discrete logarithm assumption and a generalized forking lemma. In: Ning, P., Syverson, P.F., Jha, S. (eds.) ACM CCS 2008, pp. 449\u2013458. ACM Press (2008)","DOI":"10.1145\/1455770.1455827"},{"issue":"2","key":"20_CR4","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/s13389-012-0027-1","volume":"2","author":"DJ Bernstein","year":"2012","unstructured":"Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.-Y.: High-speed high-security signatures. J. Cryptogr. Eng. 2(2), 77\u201389 (2012)","journal-title":"J. Cryptogr. Eng."},{"key":"20_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"435","DOI":"10.1007\/978-3-030-03329-3_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2018","author":"D Boneh","year":"2018","unstructured":"Boneh, D., Drijvers, M., Neven, G.: Compact multi-signatures for smaller blockchains. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018, Part II. LNCS, vol. 11273, pp. 435\u2013464. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-03329-3_15"},{"key":"20_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1007\/978-3-030-56880-1_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"B Bauer","year":"2020","unstructured":"Bauer, B., Fuchsbauer, G., Loss, J.: A\u00a0classification\u00a0of\u00a0computational\u00a0assumptions in the algebraic group model. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part II. LNCS, vol. 12171, pp. 121\u2013151. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56880-1_5"},{"key":"20_CR7","doi-asserted-by":"crossref","unstructured":"Bauer, B., Fuchsbauer, G., Plouviez, A.: The one-more discrete logarithm assumption in the generic group model. Cryptology ePrint Archive, Report 2021\/866 (2021). https:\/\/ia.cr\/2021\/866","DOI":"10.1007\/978-3-030-92068-5_20"},{"key":"20_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"82","DOI":"10.1007\/978-3-642-42045-0_5","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"F Baldimtsi","year":"2013","unstructured":"Baldimtsi, F., Lysyanskaya, A.: On the security of one-witness blind signature schemes. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 82\u201399. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-42045-0_5"},{"key":"20_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-030-77870-5_2","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2021","author":"F Benhamouda","year":"2021","unstructured":"Benhamouda, F., Lepoint, T., Loss, J., Orr\u00f9, M., Raykova, M.: On the (in)security of ROS. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021, Part I. LNCS, vol. 12696, pp. 33\u201353. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-77870-5_2"},{"key":"20_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1007\/978-3-540-79263-5_5","volume-title":"Topics in Cryptology \u2013 CT-RSA 2008","author":"E Bresson","year":"2008","unstructured":"Bresson, E., Monnerat, J., Vergnaud, D.: Separation results on the \u201cone-more\u2019\u2019 computational problems. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 71\u201387. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-79263-5_5"},{"key":"20_CR11","doi-asserted-by":"crossref","unstructured":"Bellare, M., Neven, G.: Multi-signatures in the plain public-key model and a general forking lemma. In: Juels, A., Wright, R.N., De Capitani di Vimercati, S. (eds.) ACM CCS 2006, pp. 390\u2013399. ACM Press (2006)","DOI":"10.1145\/1180405.1180453"},{"key":"20_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"268","DOI":"10.1007\/978-3-540-24676-3_17","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"M Bellare","year":"2004","unstructured":"Bellare, M., Namprempre, C., Neven, G.: Security proofs for identity-based identification and signature schemes. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 268\u2013286. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24676-3_17"},{"issue":"3","key":"20_CR13","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1007\/s00145-002-0120-1","volume":"16","author":"M Bellare","year":"2003","unstructured":"Bellare, M., Namprempre, C., Pointcheval, D., Semanko, M.: The one-more-RSA-inversion problems and the security of Chaum\u2019s blind signature scheme. J. Cryptol. 16(3), 185\u2013215 (2003)","journal-title":"J. Cryptol."},{"key":"20_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-36288-6_3","volume-title":"Public Key Cryptography\u2014PKC 2003","author":"A Boldyreva","year":"2003","unstructured":"Boldyreva, A.: threshold signatures, multisignatures and blind signatures based on the gap-Diffie-Hellman-group signature scheme. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 31\u201346. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36288-6_3"},{"key":"20_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/978-3-540-85538-5_3","volume-title":"Pairing-Based Cryptography \u2013 Pairing 2008","author":"X Boyen","year":"2008","unstructured":"Boyen, X.: The uber-assumption family (invited talk). In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 39\u201356. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85538-5_3"},{"key":"20_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/3-540-45708-9_11","volume-title":"Advances in Cryptology\u2014CRYPTO 2002","author":"M Bellare","year":"2002","unstructured":"Bellare, M., Palacio, A.: GQ and Schnorr identification schemes: proofs of security against impersonation under active and concurrent attacks. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 162\u2013177. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45708-9_11"},{"key":"20_CR17","unstructured":"Brown, D.R.L.: Irreducibility to the one-more evaluation problems: more may be less. Cryptology ePrint Archive, Report 2007\/435 (2007). http:\/\/eprint.iacr.org\/2007\/435"},{"key":"20_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1007\/978-3-540-71677-8_14","volume-title":"Public Key Cryptography \u2013 PKC 2007","author":"M Bellare","year":"2007","unstructured":"Bellare, M., Shoup, S.: Two-tier signatures, strongly unforgeable signatures, and Fiat-Shamir without random oracles. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 201\u2013216. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-71677-8_14"},{"key":"20_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"693","DOI":"10.1007\/978-3-319-96884-1_23","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"S Coretti","year":"2018","unstructured":"Coretti, S., Dodis, Y., Guo, S.: Non-uniform bounds in the random-permutation, ideal-cipher, and generic-group models. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part I. LNCS, vol. 10991, pp. 693\u2013721. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96884-1_23"},{"key":"20_CR20","doi-asserted-by":"publisher","first-page":"199","DOI":"10.1007\/978-1-4757-0602-4_18","volume-title":"Advances in Cryptology","author":"D Chaum","year":"1983","unstructured":"Chaum, D.: Blind signatures for untraceable payments. In: Chaum, D., Rivest, R.L., Sherman, A.T. (eds.) Advances in Cryptology, pp. 199\u2013203. Springer, Boston, MA (1983). https:\/\/doi.org\/10.1007\/978-1-4757-0602-4_18"},{"key":"20_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1007\/3-540-48071-4_7","volume-title":"Advances in Cryptology\u2014CRYPTO 1992","author":"D Chaum","year":"1993","unstructured":"Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89\u2013105. Springer, Heidelberg (1993). https:\/\/doi.org\/10.1007\/3-540-48071-4_7"},{"key":"20_CR22","doi-asserted-by":"crossref","unstructured":"Drijvers, M., et al.: On the security of two-round multi-signatures. In: Symposium on Security and Privacy, pp. 1084\u2013110. IEEE Computer Society Press (2019)","DOI":"10.1109\/SP.2019.00050"},{"key":"20_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"444","DOI":"10.1007\/978-3-642-38348-9_27","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"M Fischlin","year":"2013","unstructured":"Fischlin, M., Fleischhacker, N.: Limitations of the meta-reduction technique: the case of Schnorr signatures. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 444\u2013460. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_27"},{"key":"20_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1007\/978-3-319-68637-0_12","volume-title":"Provable Security","author":"M Fukumitsu","year":"2017","unstructured":"Fukumitsu, M., Hasegawa, S.: Impossibility of the provable security of the Schnorr signature from the one-more DL assumption in the non-programmable random oracle model. In: Okamoto, T., Yu, Y., Au, M.H., Li, Y. (eds.) ProvSec 2017. LNCS, vol. 10592, pp. 201\u2013218. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-68637-0_12"},{"key":"20_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"512","DOI":"10.1007\/978-3-662-45611-8_27","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"N Fleischhacker","year":"2014","unstructured":"Fleischhacker, N., Jager, T., Schr\u00f6der, D.: On tight security proofs for Schnorr signatures. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014, Part I. LNCS, vol. 8873, pp. 512\u2013531. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_27"},{"key":"20_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-319-96881-0_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"G Fuchsbauer","year":"2018","unstructured":"Fuchsbauer, G., Kiltz, E., Loss, J.: The algebraic group model and its applications. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part II. LNCS, vol. 10992, pp. 33\u201362. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96881-0_2"},{"key":"20_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-030-45724-2_3","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2020","author":"G Fuchsbauer","year":"2020","unstructured":"Fuchsbauer, G., Plouviez, A., Seurin, Y.: Blind Schnorr signatures and signed ElGamal encryption in the algebraic group model. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020, Part II. LNCS, vol. 12106, pp. 63\u201395. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45724-2_3"},{"key":"20_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1007\/978-3-642-13190-5_10","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2010","author":"M Fischlin","year":"2010","unstructured":"Fischlin, M., Schr\u00f6der, D.: On the impossibility of three-move blind signature schemes. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 197\u2013215. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-13190-5_10"},{"key":"20_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/978-3-540-85174-5_6","volume-title":"Advances in Cryptology \u2013 CRYPTO 2008","author":"S Garg","year":"2008","unstructured":"Garg, S., Bhaskar, R., Lokam, S.V.: Improved bounds on security reductions for discrete log based signatures. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 93\u2013107. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85174-5_6"},{"key":"20_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"276","DOI":"10.1007\/978-3-540-30539-2_20","volume-title":"Advances in Cryptology - ASIACRYPT 2004","author":"R Gennaro","year":"2004","unstructured":"Gennaro, R., Leigh, D., Sundaram, R., Yerazunis, W.: Batching Schnorr identification scheme with applications to privacy-preserving authorization and low-bandwidth communication devices. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 276\u2013292. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-30539-2_20"},{"key":"20_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"283","DOI":"10.1007\/978-3-642-17373-8_17","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"R Granger","year":"2010","unstructured":"Granger, R.: On the static Diffie-Hellman problem on elliptic curves over extension fields. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 283\u2013302. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17373-8_17"},{"key":"20_CR32","first-page":"1","volume":"71","author":"K Itakura","year":"1983","unstructured":"Itakura, K., Nakamura, K.: A public-key cryptosystem suitable for digital multisignatures. NEC Res. Dev. 71, 1\u20138 (1983)","journal-title":"NEC Res. Dev."},{"issue":"1","key":"20_CR33","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/s00145-005-0432-z","volume":"20","author":"N Koblitz","year":"2007","unstructured":"Koblitz, N., Menezes, A.J.: Another look at \u201cprovable security\u2019\u2019. J. Cryptol. 20(1), 3\u201337 (2007)","journal-title":"J. Cryptol."},{"issue":"4","key":"20_CR34","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1515\/JMC.2008.014","volume":"2","author":"N Koblitz","year":"2008","unstructured":"Koblitz, N., Menezes, A.: Another look at non-standard discrete log and Diffie-Hellman problems. J. Math. Cryptol. 2(4), 311\u2013326 (2008)","journal-title":"J. Math. Cryptol."},{"issue":"3","key":"20_CR35","first-page":"357","volume":"57","author":"N Koblitz","year":"2010","unstructured":"Koblitz, N., Menezes, A.: The brave new world of bodacious assumptions in cryptography. Not. Am. Math. Soc. 57(3), 357\u2013365 (2010)","journal-title":"Not. Am. Math. Soc."},{"key":"20_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"184","DOI":"10.1007\/3-540-46513-8_14","volume-title":"Selected Areas in Cryptography","author":"A Lysyanskaya","year":"2000","unstructured":"Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym systems. In: Heys, H., Adams, C. (eds.) SAC 1999. LNCS, vol. 1758, pp. 184\u2013199. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-46513-8_14"},{"key":"20_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1007\/3-540-48405-1_4","volume-title":"Advances in Cryptology\u2014CRYPTO 1999","author":"U Maurer","year":"1999","unstructured":"Maurer, U.: Information-theoretic cryptography. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 47\u201365. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48405-1_4"},{"key":"20_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11586821_1","volume-title":"Cryptography and Coding","author":"U Maurer","year":"2005","unstructured":"Maurer, U.: Abstract models of computation in cryptography. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 1\u201312. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11586821_1"},{"issue":"9","key":"20_CR39","doi-asserted-by":"publisher","first-page":"2139","DOI":"10.1007\/s10623-019-00608-x","volume":"87","author":"G Maxwell","year":"2019","unstructured":"Maxwell, G., Poelstra, A., Seurin, Y., Wuille, P.: Simple Schnorr multi-signatures with applications to Bitcoin. Des. Codes Cryptogr. 87(9), 2139\u20132164 (2019). https:\/\/doi.org\/10.1007\/s10623-019-00608-x","journal-title":"Des. Codes Cryptogr."},{"key":"20_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1007\/3-540-45760-7_16","volume-title":"Topics in Cryptology\u2014CT-RSA 2002","author":"S Micali","year":"2002","unstructured":"Micali, S., Rivest, R.L.: Transitive signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 236\u2013243. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45760-7_16"},{"key":"20_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"268","DOI":"10.1007\/3-540-68697-5_21","volume-title":"Advances in Cryptology\u2014CRYPTO 1996","author":"UM Maurer","year":"1996","unstructured":"Maurer, U.M., Wolf, S.: Diffie-Hellman oracles. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 268\u2013282. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68697-5_21"},{"issue":"2","key":"20_CR42","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1007\/s10623-009-9313-z","volume":"54","author":"C Ma","year":"2010","unstructured":"Ma, C., Weng, J., Li, Y., Den, R.H.: Efficient discrete logarithm based multi-signature scheme in the plain public key mode. Des. Codes Cryptogr. 54(2), 121\u2013133 (2010)","journal-title":"Des. Codes Cryptogr."},{"issue":"2","key":"20_CR43","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/BF02113297","volume":"55","author":"VI Nechaev","year":"1994","unstructured":"Nechaev, V.I.: Complexity of a determinate algorithm for the discrete logarithm. Math. Notes 55(2), 165\u2013172 (1994)","journal-title":"Math. Notes"},{"key":"20_CR44","unstructured":"Nick, J.: Blind signatures in scriptless scripts. Presentation given at Building on Bitcoin 2019 (2019). https:\/\/jonasnick.github.io\/blog\/2018\/07\/31\/blind-signatures-in-scriptless-scripts\/"},{"key":"20_CR45","unstructured":"NIST: Digital signature standard (DSS), FIPS PUB 186\u20135 (draft) (2019). https:\/\/csrc.nist.gov\/publications\/detail\/fips\/186\/5\/draft"},{"key":"20_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1007\/978-3-030-84242-0_8","volume-title":"Advances in Cryptology \u2013 CRYPTO 2021","author":"J Nick","year":"2021","unstructured":"Nick, J., Ruffing, T., Seurin, Y.: MuSig2: simple two-round Schnorr multi-signatures. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021, Part I. LNCS, vol. 12825, pp. 189\u2013221. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84242-0_8"},{"key":"20_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1007\/3-540-44586-2_8","volume-title":"Public Key Cryptography","author":"T Okamoto","year":"2001","unstructured":"Okamoto, T., Pointcheval, D.: The gap-problems: a new class of problems for the security of cryptographic schemes. In: Kim, K. (ed.) PKC 2001. LNCS, vol. 1992, pp. 104\u2013118. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44586-2_8"},{"key":"20_CR48","doi-asserted-by":"crossref","unstructured":"Pass, R.: Limits of provable security from standard assumptions. In: Fortnow, L., Vadhan, S.P. (eds.) 43rd ACM STOC, pp. 109\u2013118. ACM Press (2011)","DOI":"10.1145\/1993636.1993652"},{"key":"20_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1007\/3-540-68339-9_33","volume-title":"Advances in Cryptology\u2014EUROCRYPT 1996","author":"D Pointcheval","year":"1996","unstructured":"Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387\u2013398. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68339-9_33"},{"key":"20_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11593447_1","volume-title":"Advances in Cryptology - ASIACRYPT 2005","author":"P Paillier","year":"2005","unstructured":"Paillier, P., Vergnaud, D.: Discrete-log-based signatures may not be equivalent\u00a0to\u00a0discrete\u00a0log. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 1\u201320. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11593447_1"},{"issue":"3","key":"20_CR51","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"CP Schnorr","year":"1991","unstructured":"Schnorr, C.P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161\u2013174 (1991). https:\/\/doi.org\/10.1007\/BF00196725","journal-title":"J. Cryptol."},{"key":"20_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-45600-7_1","volume-title":"Information and Communications Security","author":"CP Schnorr","year":"2001","unstructured":"Schnorr, C.P.: Security of blind discrete log signatures against interactive attacks. In: Qing, S., Okamoto, T., Zhou, J. (eds.) ICICS 2001. LNCS, vol. 2229, pp. 1\u201312. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-45600-7_1"},{"key":"20_CR53","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"554","DOI":"10.1007\/978-3-642-29011-4_33","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"Y Seurin","year":"2012","unstructured":"Seurin, Y.: On the exact security of Schnorr-type signatures in the random oracle model. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 554\u2013571. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_33"},{"key":"20_CR54","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","volume-title":"Advances in Cryptology\u2014EUROCRYPT 1997","author":"V Shoup","year":"1997","unstructured":"Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256\u2013266. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/3-540-69053-0_18"},{"key":"20_CR55","unstructured":"Schnorr, C.-P., Jakobsson, M.: Security of discrete log cryptosystems in the random oracle and the generic model (1999). https:\/\/core.ac.uk\/download\/pdf\/14504220.pdf"},{"key":"20_CR56","doi-asserted-by":"crossref","unstructured":"Syta, E., et al.: Keeping authorities \u201chonest or bust\u201d with decentralized witness cosigning. In: Symposium on Security and Privacy, pp. 526\u2013545. IEEE Computer Society Press (2016)","DOI":"10.1109\/SP.2016.38"},{"key":"20_CR57","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"288","DOI":"10.1007\/3-540-45708-9_19","volume-title":"Advances in Cryptology\u2014CRYPTO 2002","author":"D Wagner","year":"2002","unstructured":"Wagner, D.: A generalized birthday problem. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 288\u2013304. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45708-9_19"},{"key":"20_CR58","unstructured":"Wuille, P., Nick, J., Ruffing, T.: Schnorr signatures for secp256k1. Bitcoin Improvement Proposal 340 (2020). https:\/\/github.com\/bitcoin\/bips\/blob\/master\/bip-0340.mediawiki"},{"key":"20_CR59","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"817","DOI":"10.1007\/978-3-662-46803-6_27","volume-title":"Advances in Cryptology - EUROCRYPT 2015","author":"A Yun","year":"2015","unstructured":"Yun, A.: Generic hardness of the multiple discrete logarithm problem. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015, Part II. LNCS, vol. 9057, pp. 817\u2013836. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46803-6_27"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2021"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-92068-5_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,30]],"date-time":"2024-11-30T00:10:15Z","timestamp":1732925415000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-92068-5_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030920678","9783030920685"],"references-count":59,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-92068-5_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"1 December 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Singapore","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Singapore","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6 December 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 December 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2021\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"341","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"95","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.21","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.61","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held online due to the COVID-19 pandemic","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}