{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,7]],"date-time":"2026-05-07T13:27:15Z","timestamp":1778160435750,"version":"3.51.4"},"publisher-location":"Cham","reference-count":31,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319705026","type":"print"},{"value":"9783319705033","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-70503-3_17","type":"book-chapter","created":{"date-parts":[[2017,11,4]],"date-time":"2017-11-04T02:43:27Z","timestamp":1509763407000},"page":"519-534","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":18,"title":["On the One-Per-Message Unforgeability of\u00a0(EC)DSA and Its Variants"],"prefix":"10.1007","author":[{"given":"Manuel","family":"Fersch","sequence":"first","affiliation":[]},{"given":"Eike","family":"Kiltz","sequence":"additional","affiliation":[]},{"given":"Bertram","family":"Poettering","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,11,5]]},"reference":[{"issue":"14","key":"17_CR1","doi-asserted-by":"publisher","first-page":"1024","DOI":"10.1049\/el:19900663","volume":"26","author":"G Agnew","year":"1990","unstructured":"Agnew, G., Mullin, R., Vanstone, S.: Improved digital signature scheme based on discrete exponentiation. Electron. Lett. 26(14), 1024\u20131025 (1990)","journal-title":"Electron. Lett."},{"key":"17_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"435","DOI":"10.1007\/978-3-662-53890-6_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"M Bellare","year":"2016","unstructured":"Bellare, M., Poettering, B., Stebila, D.: From identification to signatures, tightly: a framework and generic transforms. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 435\u2013464. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53890-6_15"},{"key":"17_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"276","DOI":"10.1007\/978-3-540-46588-1_19","volume-title":"Public Key Cryptography","author":"E Brickell","year":"2000","unstructured":"Brickell, E., Pointcheval, D., Vaudenay, S., Yung, M.: Design validations for discrete logarithm based signature schemes. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 276\u2013292. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/978-3-540-46588-1_19"},{"key":"17_CR4","unstructured":"Brown, D.R.L.: Generic groups, collision resistance, and ECDSA. Cryptology ePrint Archive, Report 2002\/026 (2002). http:\/\/eprint.iacr.org\/2002\/026"},{"issue":"1","key":"17_CR5","doi-asserted-by":"publisher","first-page":"119","DOI":"10.1007\/s10623-003-6154-z","volume":"35","author":"DRL Brown","year":"2005","unstructured":"Brown, D.R.L.: Generic groups, collision resistance, and ECDSA. Des. Codes Crypt. 35(1), 119\u2013152 (2005)","journal-title":"Des. Codes Crypt."},{"key":"17_CR6","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1017\/CBO9780511546570.004","volume-title":"Advances in Elliptic Curve Cryptography","author":"DRL Brown","year":"2005","unstructured":"Brown, D.R.L.: On the provable security of ECDSA. In: Blake, I.F., Seroussi, G., Smart, N.P. (eds.) Advances in Elliptic Curve Cryptography, pp. 21\u201340. Cambridge University Press, Cambridge (2005). https:\/\/doi.org\/10.1017\/CBO9780511546570.004"},{"key":"17_CR7","unstructured":"Brown, D.R.L.: One-up problem for (EC)DSA. Cryptology ePrint Archive, Report 2008\/286 (2008). http:\/\/eprint.iacr.org\/2008\/286"},{"key":"17_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1007\/3-540-44598-6_14","volume-title":"Advances in Cryptology\u2014CRYPTO 2000","author":"J-S Coron","year":"2000","unstructured":"Coron, J.-S.: On the exact security of full domain hash. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 229\u2013235. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-44598-6_14"},{"key":"17_CR9","doi-asserted-by":"crossref","unstructured":"Dolmatov, V., Degtyarev, A.: GOST R 34.10-2012: Digital Signature Algorithm. RFC 7091 (Informational), December 2013. http:\/\/www.ietf.org\/rfc\/rfc7091.txt","DOI":"10.17487\/rfc7091"},{"key":"17_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1007\/3-540-39568-7_2","volume-title":"Advances in Cryptology","author":"T ElGamal","year":"1985","unstructured":"ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10\u201318. Springer, Heidelberg (1985). https:\/\/doi.org\/10.1007\/3-540-39568-7_2"},{"key":"17_CR11","doi-asserted-by":"crossref","unstructured":"Fersch, M., Kiltz, E., Poettering, B.: On the provable security of (EC)DSA signatures. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 16, Vienna, Austria, 24\u201328 October 2016, pp. 1651\u20131662. ACM Press (2016)","DOI":"10.1145\/2976749.2978413"},{"key":"17_CR12","unstructured":"Fersch, M., Kiltz, E., Poettering, B.: On the one-per-message unforgeability of (EC)DSA and its variants. Cryptology ePrint Archive, Report 2017\/890 (2017). http:\/\/eprint.iacr.org\/2017\/890"},{"key":"17_CR13","doi-asserted-by":"crossref","unstructured":"Garc\u00eda, C.P., Brumley, B.B., Yarom, Y.: Make sure DSA signing exponentiations really are constant-time. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016, Vienna, Austria, 24\u201328 October 2016, pp. 1639\u20131650. ACM Press (2016)","DOI":"10.1145\/2976749.2978420"},{"key":"17_CR14","doi-asserted-by":"crossref","unstructured":"Genkin, D., Pachmanov, L., Pipman, I., Tromer, E., Yarom, Y.: ECDSA key extraction from mobile devices via nonintrusive physical side channels. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016, Vienna, Austria, 24\u201328 October 2016, pp. 1626\u20131638. ACM Press (2016)","DOI":"10.1145\/2976749.2978353"},{"key":"17_CR15","doi-asserted-by":"crossref","unstructured":"Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Ladner, R.E., Dwork, C. (eds.) 40th ACM STOC, Victoria, British Columbia, Canada, 17\u201320 May 2008, pp. 197\u2013206. ACM Press (2008)","DOI":"10.1145\/1374376.1374407"},{"issue":"5","key":"17_CR16","doi-asserted-by":"publisher","first-page":"396","DOI":"10.1049\/el:19940317","volume":"30","author":"L Harn","year":"1994","unstructured":"Harn, L.: New digital signature scheme based on discrete logarithm. Electron. Lett. 30(5), 396\u2013398 (1994)","journal-title":"Electron. Lett."},{"issue":"24","key":"17_CR17","doi-asserted-by":"publisher","first-page":"2025","DOI":"10.1049\/el:19941398","volume":"30","author":"L Harn","year":"1994","unstructured":"Harn, L., Xu, Y.: Design of generalised ElGamal type digital signature schemes based on discrete logarithm. Electron. Lett. 30(24), 2025\u20132026 (1994)","journal-title":"Electron. Lett."},{"issue":"3","key":"17_CR18","doi-asserted-by":"publisher","first-page":"283","DOI":"10.1023\/A:1011214926272","volume":"23","author":"N Howgrave-Graham","year":"2001","unstructured":"Howgrave-Graham, N., Smart, N.P.: Lattice attacks on digital signature schemes. Des. Codes Crypt. 23(3), 283\u2013290 (2001)","journal-title":"Des. Codes Crypt."},{"key":"17_CR19","unstructured":"ISO\/IEC 11889:2015: Information technology\u2014Trusted Platform Module library (2013). https:\/\/www.iso.org\/"},{"key":"17_CR20","doi-asserted-by":"publisher","unstructured":"Kerry, C.F., Gallagher, P.D.: FIPS PUB 186\u20134 Federal Information Processing Standards publication: Digital Signature Standard (DSS) (2013). https:\/\/doi.org\/10.6028\/NIST.FIPS.186-4","DOI":"10.6028\/NIST.FIPS.186-4"},{"key":"17_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"428","DOI":"10.1007\/978-3-540-28632-5_31","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2004","author":"PJ Leadbitter","year":"2004","unstructured":"Leadbitter, P.J., Page, D., Smart, N.P.: Attacking DSA under a repeated bits assumption. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 428\u2013440. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-28632-5_31"},{"key":"17_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-36492-7_1","volume-title":"Selected Areas in Cryptography","author":"J Malone-Lee","year":"2003","unstructured":"Malone-Lee, J., Smart, N.P.: Modifications of ECDSA. In: Nyberg, K., Heys, H. (eds.) SAC 2002. LNCS, vol. 2595, pp. 1\u201312. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36492-7_1"},{"key":"17_CR23","series-title":"The CRC Press Series on Discrete Mathematics and Its Applications","volume-title":"Handbook of Applied Cryptography","author":"AJ Menezes","year":"1997","unstructured":"Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. The CRC Press Series on Discrete Mathematics and Its Applications. CRC Press, Boca Raton (1997). 2000 N.W. Corporate Blvd., FL 33431\u20139868, USA"},{"issue":"2","key":"17_CR24","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1023\/A:1025436905711","volume":"30","author":"PQ Nguyen","year":"2003","unstructured":"Nguyen, P.Q., Shparlinski, I.: The insecurity of the elliptic curve digital signature algorithm with partially known nonces. Des. Codes Crypt. 30(2), 201\u2013217 (2003)","journal-title":"Des. Codes Crypt."},{"key":"17_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"436","DOI":"10.1007\/978-3-319-11203-9_25","volume-title":"Computer Security - ESORICS 2014","author":"B Poettering","year":"2014","unstructured":"Poettering, B., Stebila, D.: Double-authentication-preventing signatures. In: Kuty\u0142owski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8712, pp. 436\u2013453. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-11203-9_25"},{"key":"17_CR26","unstructured":"Pointcheval, D., Vaudenay, S.: On provable security for digital signature algorithms. Technical report LIENS-96-17, LIENS (1996)"},{"key":"17_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","volume-title":"Advances in Cryptology\u2014EUROCRYPT 1997","author":"V Shoup","year":"1997","unstructured":"Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256\u2013266. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/3-540-69053-0_18"},{"key":"17_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/3-540-45708-9_7","volume-title":"Advances in Cryptology\u2014CRYPTO 2002","author":"J Stern","year":"2002","unstructured":"Stern, J., Pointcheval, D., Malone-Lee, J., Smart, N.P.: Flaws in applying proof methodologies to signature schemes. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 93\u2013110. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45708-9_7"},{"key":"17_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1007\/3-540-68697-5_7","volume-title":"Advances in Cryptology\u2014CRYPTO 1996","author":"S Vaudenay","year":"1996","unstructured":"Vaudenay, S.: Hidden collisions on DSS. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 83\u201388. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68697-5_7"},{"key":"17_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"309","DOI":"10.1007\/3-540-36288-6_23","volume-title":"Public Key Cryptography\u2014PKC 2003","author":"S Vaudenay","year":"2003","unstructured":"Vaudenay, S.: The security of DSA and ECDSA. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 309\u2013323. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36288-6_23"},{"key":"17_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"140","DOI":"10.1007\/978-3-319-27152-1_7","volume-title":"Security Standardisation Research","author":"Z Zhang","year":"2015","unstructured":"Zhang, Z., Yang, K., Zhang, J., Chen, C.: Security of the SM2 signature scheme against generalized key substitution attacks. In: Chen, L., Matsuo, S. (eds.) SSR 2015. LNCS, vol. 9497, pp. 140\u2013153. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-27152-1_7"}],"container-title":["Lecture Notes in Computer Science","Theory of Cryptography"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-70503-3_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,26]],"date-time":"2025-06-26T21:25:37Z","timestamp":1750973137000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-70503-3_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319705026","9783319705033"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-70503-3_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"5 November 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"TCC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Theory of Cryptography Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Baltimore","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 November 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 November 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"tcc2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.iacr.org\/workshops\/tcc2017\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}