{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,28]],"date-time":"2025-10-28T18:25:37Z","timestamp":1761675937375,"version":"3.40.2"},"publisher-location":"Berlin, Heidelberg","reference-count":35,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642289132"},{"type":"electronic","value":"9783642289149"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-28914-9_7","type":"book-chapter","created":{"date-parts":[[2012,3,5]],"date-time":"2012-03-05T21:12:39Z","timestamp":1330981959000},"page":"112-132","source":"Crossref","is-referenced-by-count":22,"title":["On the Instantiability of Hash-and-Sign RSA Signatures"],"prefix":"10.1007","author":[{"given":"Yevgeniy","family":"Dodis","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Iftach","family":"Haitner","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aris","family":"Tentes","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"7_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1007\/978-3-642-01001-9_2","volume-title":"Advances in Cryptology - EUROCRYPT 2009","author":"D. Aggarwal","year":"2009","unstructured":"Aggarwal, D., Maurer, U.: Breaking RSA Generically Is Equivalent to Factoring. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol.\u00a05479, pp. 36\u201353. Springer, Heidelberg (2009)"},{"key":"7_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"171","DOI":"10.1007\/978-3-540-24676-3_11","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"M. Bellare","year":"2004","unstructured":"Bellare, M., Boldyreva, A., Palacio, A.: An Uninstantiable Random-Oracle-Model Scheme for a Hybrid-Encryption Problem. In: Cachin, C., Camenisch, J. (eds.) EUROCRYPT 2004. LNCS, vol.\u00a03027, pp. 171\u2013188. Springer, Heidelberg (2004)"},{"key":"7_CR3","doi-asserted-by":"crossref","unstructured":"Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: ACM Conference on Computer and Communications Security, pp. 62\u201373 (1993)","DOI":"10.1145\/168588.168596"},{"key":"7_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"92","DOI":"10.1007\/BFb0053428","volume-title":"Advances in Cryptology - EUROCRYPT \u201994","author":"M. Bellare","year":"1995","unstructured":"Bellare, M., Rogaway, P.: Optimal Asymmetric Encryption. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol.\u00a0950, pp. 92\u2013111. Springer, Heidelberg (1995)"},{"key":"7_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"412","DOI":"10.1007\/11535218_25","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"A. Boldyreva","year":"2005","unstructured":"Boldyreva, A., Fischlin, M.: Analysis of Random Oracle Instantiation Scenarios for OAEP and Other Practical Schemes. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 412\u2013429. Springer, Heidelberg (2005)"},{"key":"7_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"176","DOI":"10.1007\/11941378_13","volume-title":"Progress in Cryptology - INDOCRYPT 2006","author":"J. Brown","year":"2006","unstructured":"Brown, J., Gonz\u00e1lez Nieto, J.M., Boyd, C.: Efficient CCA-Secure Public-Key Encryption Schemes from RSA-Related Assumptions. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol.\u00a04329, pp. 176\u2013190. Springer, Heidelberg (2006)"},{"key":"7_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1007\/978-3-540-24638-1_3","volume-title":"Theory of Cryptography","author":"R. Canetti","year":"2004","unstructured":"Canetti, R., Goldreich, O., Halevi, S.: On the Random-Oracle Methodology as Applied to Length-Restricted Signature Schemes. In: Naor, M. (ed.) TCC 2004. LNCS, vol.\u00a02951, pp. 40\u201357. Springer, Heidelberg (2004)"},{"key":"7_CR8","doi-asserted-by":"crossref","unstructured":"Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited. JACM: Journal of the ACM, 51 (2004)","DOI":"10.1145\/1008731.1008734"},{"key":"7_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1007\/3-540-44598-6_14","volume-title":"Advances in Cryptology - CRYPTO 2000","author":"J.-S. Coron","year":"2000","unstructured":"Coron, J.-S.: On the Exact Security of Full Domain Hash. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol.\u00a01880, pp. 229\u2013235. Springer, Heidelberg (2000)"},{"issue":"3","key":"7_CR10","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1145\/357830.357847","volume":"3","author":"R. Cramer","year":"2000","unstructured":"Cramer, R., Shoup, V.: Signature schemes based on the strong rsa assumption. ACM Trans. Inf. Syst. Secur.\u00a03(3), 161\u2013185 (2000)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"7_CR11","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1090\/S0025-5718-1981-0595059-1","volume":"36","author":"J.D. Dixon","year":"1981","unstructured":"Dixon, J.D.: Asymptotically fast factorization of integers. Mathematics of Computation\u00a036, 255\u2013260 (1981)","journal-title":"Mathematics of Computation"},{"key":"7_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"449","DOI":"10.1007\/11535218_27","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"Y. Dodis","year":"2005","unstructured":"Dodis, Y., Oliveira, R., Pietrzak, K.: On the Generic Insecurity of the Full Domain Hash. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 449\u2013466. Springer, Heidelberg (2005)"},{"key":"7_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/3-540-36413-7_5","volume-title":"Security in Communication Networks","author":"Y. Dodis","year":"2003","unstructured":"Dodis, Y., Reyzin, L.: On the Power of Claw-Free Permutations. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol.\u00a02576, pp. 55\u201373. Springer, Heidelberg (2003)"},{"key":"7_CR14","doi-asserted-by":"crossref","unstructured":"Dodis, Y., Haitner, I., Tentes, A.: On the instantiability of hash-and-sign rsa signatures. ePrint, http:\/\/eprint.iacr.org\/2011\/087","DOI":"10.1007\/978-3-642-28914-9_7"},{"issue":"1","key":"7_CR15","doi-asserted-by":"publisher","first-page":"217","DOI":"10.1137\/S0097539704443276","volume":"35","author":"R. Gennaro","year":"2005","unstructured":"Gennaro, R., Gertner, Y., Katz, J., Trevisan, L.: Bounds on the efficiency of generic cryptographic constructions. SIAM Journal on Computing\u00a035(1), 217\u2013246 (2005)","journal-title":"SIAM Journal on Computing"},{"key":"7_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"123","DOI":"10.1007\/3-540-48910-X_9","volume-title":"Advances in Cryptology - EUROCRYPT \u201999","author":"R. Gennaro","year":"1999","unstructured":"Gennaro, R., Halevi, S., Rabin, T.: Secure Hash-and-Sign Signatures without the Random Oracle. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol.\u00a01592, pp. 123\u2013139. Springer, Heidelberg (1999)"},{"key":"7_CR17","doi-asserted-by":"crossref","unstructured":"Gennaro, R., Trevisan, L.: Lower bounds on the efficiency of generic cryptographic constructions. In: Proceedings of the 41st Annual Symposium on Foundations of Computer Science, pp. 305\u2013313. IEEE Computer Society (2000)","DOI":"10.1109\/SFCS.2000.892119"},{"key":"7_CR18","doi-asserted-by":"crossref","unstructured":"Goldwasser, S., Tauman-Kalai, Y.: On the (in)security of the fiat-shamir paradigm. In: Proceedings of the 44th Annual Symposium on Foundations of Computer Science (FOCS), pp. 102\u2013113. IEEE Computer Society (2003)","DOI":"10.1109\/SFCS.2003.1238185"},{"key":"7_CR19","doi-asserted-by":"crossref","unstructured":"Haitner, I., Hoch, J.J., Reingold, O., Segev, G.: Finding collisions in interactive protocols \u2013 A tight lower bound on the round complexity of statistically-hiding commitments. In: Proceedings of the 48th Annual Symposium on Foundations of Computer Science (FOCS), pp. 669\u2013679. IEEE Computer Society (2007)","DOI":"10.1109\/FOCS.2007.7"},{"key":"7_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"202","DOI":"10.1007\/978-3-642-00457-5_13","volume-title":"Theory of Cryptography","author":"I. Haitner","year":"2009","unstructured":"Haitner, I., Holenstein, T.: On the (Im)Possibility of Key Dependent Encryption. In: Reingold, O. (ed.) TCC 2009. LNCS, vol.\u00a05444, pp. 202\u2013219. Springer, Heidelberg (2009)"},{"key":"7_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"647","DOI":"10.1007\/978-3-642-25385-0_35","volume-title":"ASIACRYPT 2011","author":"D. Hofheinz","year":"2011","unstructured":"Hofheinz, D., Jager, T., Kiltz, E.: Short Signatures From Weaker Assumptions. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol.\u00a07073, pp. 647\u2013666. Springer, Heidelberg (2011)"},{"key":"7_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"654","DOI":"10.1007\/978-3-642-03356-8_38","volume-title":"Advances in Cryptology - CRYPTO 2009","author":"S. Hohenberger","year":"2009","unstructured":"Hohenberger, S., Waters, B.: Short and Stateless Signatures from the RSA Assumption. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol.\u00a05677, pp. 654\u2013670. Springer, Heidelberg (2009)"},{"key":"7_CR23","doi-asserted-by":"crossref","unstructured":"Maurer, U.M.: Abstract models of computation in cryptography. In: IMA Int. Conf., pp. 1\u201312 (2005)","DOI":"10.1007\/11586821_1"},{"issue":"3","key":"7_CR24","doi-asserted-by":"publisher","first-page":"300","DOI":"10.1016\/S0022-0000(76)80043-8","volume":"13","author":"G.L. Miller","year":"1976","unstructured":"Miller, G.L.: Riemann\u2019s hypothesis and tests for primality. Journal of Computer and System Sciences\u00a013(3), 300\u2013317 (1976)","journal-title":"Journal of Computer and System Sciences"},{"key":"7_CR25","doi-asserted-by":"crossref","unstructured":"Nechaev, V.I.: Complexity of a determinate algorithm for the discrete logarithm. MATHNASUSSR: Mathematical Notes of the Academy of Sciences of the USSR, 55 (1994)","DOI":"10.1007\/BF02113297"},{"key":"7_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/3-540-45708-9_8","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"J.B. Nielsen","year":"2002","unstructured":"Nielsen, J.B.: Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol.\u00a02442, pp. 111\u2013126. Springer, Heidelberg (2002)"},{"key":"7_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/11967668_3","volume-title":"Topics in Cryptology \u2013 CT-RSA 2007","author":"P. Paillier","year":"2006","unstructured":"Paillier, P.: Impossibility Proofs for RSA Signatures in the Standard Model. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol.\u00a04377, pp. 31\u201348. Springer, Heidelberg (2006)"},{"key":"7_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11593447_1","volume-title":"Advances in Cryptology - ASIACRYPT 2005","author":"P. Paillier","year":"2005","unstructured":"Paillier, P., Vergnaud, D.: Discrete-Log-Based Signatures May Not Be Equivalent\u00a0to\u00a0Discrete\u00a0Log. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol.\u00a03788, pp. 1\u201320. Springer, Heidelberg (2005)"},{"key":"7_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"252","DOI":"10.1007\/11935230_17","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2006","author":"P. Paillier","year":"2006","unstructured":"Paillier, P., Villar, J.L.: Trading One-Wayness Against Chosen-Ciphertext Security in Factoring-Based Encryption. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol.\u00a04284, pp. 252\u2013266. Springer, Heidelberg (2006)"},{"key":"7_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"413","DOI":"10.1007\/978-3-540-85174-5_23","volume-title":"Advances in Cryptology \u2013 CRYPTO 2008","author":"K. Pietrzak","year":"2008","unstructured":"Pietrzak, K.: Compression from Collisions, or Why CRHF Combiners Have a Long Output. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol.\u00a05157, pp. 413\u2013432. Springer, Heidelberg (2008)"},{"issue":"2","key":"7_CR31","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1145\/359340.359342","volume":"21","author":"R.L. Rivest","year":"1978","unstructured":"Rivest, R.L., Shamir, A., Adelman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM\u00a021(2), 120\u2013126 (1978)","journal-title":"Communications of the ACM"},{"key":"7_CR32","unstructured":"RSA Laboratories, Redwood City, California. PKCS #1: RSA Encryption Standard (November 1993)"},{"key":"7_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","volume-title":"Advances in Cryptology - EUROCRYPT \u201997","author":"V. Shoup","year":"1997","unstructured":"Shoup, V.: Lower Bounds for Discrete Logarithms and Related Problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol.\u00a01233, pp. 256\u2013266. Springer, Heidelberg (1997)"},{"key":"7_CR34","doi-asserted-by":"crossref","unstructured":"Shoup, V.: Computational Introduction to Number Theory and Algebra. Cambridge University Press (2005)","DOI":"10.1017\/CBO9781139165464"},{"key":"7_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"419","DOI":"10.1007\/978-3-540-70936-7_23","volume-title":"Theory of Cryptography","author":"H. Wee","year":"2007","unstructured":"Wee, H.: One-Way Permutations, Interactive Hashing and Statistically Hiding Commitments. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol.\u00a04392, pp. 419\u2013433. Springer, Heidelberg (2007)"}],"container-title":["Lecture Notes in Computer Science","Theory of Cryptography"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-28914-9_7.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,22]],"date-time":"2025-03-22T12:03:59Z","timestamp":1742645039000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-28914-9_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642289132","9783642289149"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-28914-9_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}