{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,27]],"date-time":"2026-05-27T16:54:09Z","timestamp":1779900849110,"version":"3.53.1"},"publisher-location":"Berlin, Heidelberg","reference-count":35,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642365935","type":"print"},{"value":"9783642365942","type":"electronic"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-36594-2_11","type":"book-chapter","created":{"date-parts":[[2013,2,7]],"date-time":"2013-02-07T02:43:27Z","timestamp":1360205007000},"page":"182-201","source":"Crossref","is-referenced-by-count":33,"title":["Why \u201cFiat-Shamir for Proofs\u201d Lacks a Proof"],"prefix":"10.1007","author":[{"given":"Nir","family":"Bitansky","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Dana","family":"Dachman-Soled","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Sanjam","family":"Garg","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Abhishek","family":"Jain","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yael Tauman","family":"Kalai","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Adriana","family":"L\u00f3pez-Alt","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Daniel","family":"Wichs","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","reference":[{"key":"11_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"418","DOI":"10.1007\/3-540-46035-7_28","volume-title":"Advances in Cryptology - EUROCRYPT 2002","author":"M. Abdalla","year":"2002","unstructured":"Abdalla, M., An, J.H., Bellare, M., Namprempre, C.: From Identification to Signatures via the Fiat-Shamir Transform: Minimizing Assumptions for Security and Forward-Security. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol.\u00a02332, pp. 418\u2013433. Springer, Heidelberg (2002)"},{"key":"11_CR2","doi-asserted-by":"crossref","unstructured":"Bitansky, N., Garg, S., Wichs, D.: Why \u201dfiat-shamir for proofs\u201d lacks a proof. Cryptology ePrint Archive, Report 2012\/705 (2012), http:\/\/eprint.iacr.org\/","DOI":"10.1007\/978-3-642-36594-2_11"},{"key":"11_CR3","unstructured":"Blum, M.: Coin flipping by telephone. In: Proceedings of the 18th Annual International Cryptology Conference, CRYPTO 1981, pp. 11\u201315 (1981)"},{"key":"11_CR4","unstructured":"Blum, M.: How to prove a theorem so no one else can claim it. In: Proceedings of the International Congress of Mathematicians, pp. 1444\u20131451 (1987)"},{"key":"11_CR5","doi-asserted-by":"crossref","unstructured":"Barak, B., Lindell, Y., Vadhan, S.P.: Lower bounds for non-black-box zero knowledge. In: 44th Annual Symposium on Foundations of Computer Science, pp. 384\u2013393. IEEE Computer Society Press (October 2003)","DOI":"10.1109\/SFCS.2003.1238212"},{"key":"11_CR6","doi-asserted-by":"crossref","unstructured":"Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Ashby, V. (ed.) ACM CCS 1993: 1st Conference on Computer and Communications Security, pp. 62\u201373. ACM Press (November 1993)","DOI":"10.1145\/168588.168596"},{"key":"11_CR7","unstructured":"Brown, D.R.L.: Breaking rsa may be as difficult as factoring. Cryptology ePrint Archive, Report 2005\/380 (2005), http:\/\/eprint.iacr.org\/"},{"key":"11_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1007\/BFb0054117","volume-title":"Advances in Cryptology - EUROCRYPT \u201998","author":"D. Boneh","year":"1998","unstructured":"Boneh, D., Venkatesan, R.: Breaking RSA May Not Be Equivalent to Factoring. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol.\u00a01403, pp. 59\u201371. Springer, Heidelberg (1998)"},{"key":"11_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"613","DOI":"10.1007\/3-540-45708-9_39","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"J.-S. Coron","year":"2002","unstructured":"Coron, J.-S.: Security Proof for Partial-Domain Hash Signature Schemes. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol.\u00a02442, pp. 613\u2013626. Springer, Heidelberg (2002)"},{"key":"11_CR10","series-title":"Lecture Notes in Computer Science","volume-title":"Theory of Cryptography","year":"2012","unstructured":"Cramer, R. (ed.): TCC 2012. LNCS, vol.\u00a07194. Springer, Heidelberg (2012)"},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Dodis, Y., Haitner, I., Tentes, A.: On the instantiability of hash-and-sign rsa signatures. In: Cramer [Cra12], pp. 112\u2013132","DOI":"10.1007\/978-3-642-28914-9_7"},{"key":"11_CR12","unstructured":"Dachman-Soled, D., Jain, A., Kalai, Y.T., Lopez-Alt, A.: On the (in)security of the fiat-shamir paradigm, revisited. Cryptology ePrint Archive, Report 2012\/706 (2012), http:\/\/eprint.iacr.org\/"},{"key":"11_CR13","doi-asserted-by":"crossref","unstructured":"Dwork, C., Naor, M., Reingold, O., Stockmeyer, L.J.: Magic functions. In: FOCS, pp. 523\u2013534 (1999)","DOI":"10.1109\/SFFCS.1999.814626"},{"key":"11_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"449","DOI":"10.1007\/11535218_27","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"Y. Dodis","year":"2005","unstructured":"Dodis, Y., Oliveira, R., Pietrzak, K.: On the Generic Insecurity of the Full Domain Hash. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 449\u2013466. Springer, Heidelberg (2005)"},{"key":"11_CR15","doi-asserted-by":"crossref","unstructured":"Dodis, Y., Ristenpart, T., Vadhan, S.P.: Randomness condensers for efficiently samplable, seed-dependent sources. In: Cramer [Cra12], pp. 618\u2013635","DOI":"10.1007\/978-3-642-28914-9_35"},{"key":"11_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/3-540-47721-7_12","volume-title":"Advances in Cryptology - CRYPTO \u201986","author":"A. Fiat","year":"1987","unstructured":"Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol.\u00a0263, pp. 186\u2013194. Springer, Heidelberg (1987)"},{"key":"11_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/978-3-540-85174-5_6","volume-title":"Advances in Cryptology \u2013 CRYPTO 2008","author":"S. Garg","year":"2008","unstructured":"Garg, S., Bhaskar, R., Lokam, S.V.: Improved Bounds on Security Reductions for Discrete Log Based Signatures. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol.\u00a05157, pp. 93\u2013107. Springer, Heidelberg (2008)"},{"key":"11_CR18","doi-asserted-by":"crossref","unstructured":"Goldwasser, S., Kalai, Y.T.: On the (in)security of the Fiat-Shamir paradigm. In: 44th Annual Symposium on Foundations of Computer Science, pp. 102\u2013115. IEEE Computer Society Press (October 2003)","DOI":"10.1109\/SFCS.2003.1238185"},{"issue":"1","key":"11_CR19","doi-asserted-by":"crossref","first-page":"186","DOI":"10.1137\/0218012","volume":"18","author":"S. Goldwasser","year":"1989","unstructured":"Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM Journal on Computing\u00a018(1), 186\u2013208 (1989); Preliminary version appeared in STOC 1985.","journal-title":"SIAM Journal on Computing"},{"issue":"1","key":"11_CR20","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BF00195207","volume":"7","author":"O. Goldreich","year":"1994","unstructured":"Goldreich, O., Oren, Y.: Definitions and properties of zero-knowledge proof systems. Journal of Cryptology\u00a07(1), 1\u201332 (1994)","journal-title":"Journal of Cryptology"},{"key":"11_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"216","DOI":"10.1007\/0-387-34799-2_16","volume-title":"Advances in Cryptology - CRYPTO \u201988","author":"L.C. Guillou","year":"1990","unstructured":"Guillou, L.C., Quisquater, J.-J.: A \u201cParadoxical\u201d Identity-Based Signature Scheme Resulting from Zero-Knowledge. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol.\u00a0403, pp. 216\u2013231. Springer, Heidelberg (1990)"},{"key":"11_CR22","doi-asserted-by":"crossref","unstructured":"Gentry, C., Wichs, D.: Separating succinct non-interactive arguments from all falsifiable assumptions. In: Fortnow, L., Vadhan, S.P. (eds.) 43rd Annual ACM Symposium on Theory of Computing, pp. 99\u2013108. ACM Press (June 2011)","DOI":"10.1145\/1993636.1993651"},{"key":"11_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"202","DOI":"10.1007\/978-3-642-00457-5_13","volume-title":"Theory of Cryptography","author":"I. Haitner","year":"2009","unstructured":"Haitner, I., Holenstein, T.: On the (Im)Possibility of Key Dependent Encryption. In: Reingold, O. (ed.) TCC 2009. LNCS, vol.\u00a05444, pp. 202\u2013219. Springer, Heidelberg (2009)"},{"key":"11_CR24","doi-asserted-by":"crossref","unstructured":"Kilian, J.: A note on efficient zero-knowledge proofs and arguments. In: Proceedings of the 24th Annual ACM Symposium on Theory of Computing, STOC 1992, pp. 723\u2013732 (1992)","DOI":"10.1145\/129712.129782"},{"key":"11_CR25","unstructured":"Micali, S.: A secure and efficient digital signature algorithm. Technical Memo MIT\/LCS\/TM-501b, Massachusetts Institute of Technology, Laboratory for Computer Science (April 1994)"},{"issue":"4","key":"11_CR26","doi-asserted-by":"publisher","first-page":"1253","DOI":"10.1137\/S0097539795284959","volume":"30","author":"S. Micali","year":"2000","unstructured":"Micali, S.: Computationally sound proofs. SIAM Journal on Computing\u00a030(4), 1253\u20131298 (2000); Preliminary version appeared in FOCS 1994","journal-title":"SIAM Journal on Computing"},{"key":"11_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"96","DOI":"10.1007\/978-3-540-45146-4_6","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"M. Naor","year":"2003","unstructured":"Naor, M.: On Cryptographic Assumptions and Challenges. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 96\u2013109. Springer, Heidelberg (2003)"},{"key":"11_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-48071-4_3","volume-title":"Advances in Cryptology - CRYPTO \u201992","author":"T. Okamoto","year":"1993","unstructured":"Okamoto, T.: Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol.\u00a0740, pp. 31\u201353. Springer, Heidelberg (1993)"},{"key":"11_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"160","DOI":"10.1007\/3-540-39200-9_10","volume-title":"Advances in Cryptology \u2013 EUROCRPYT 2003","author":"R. Pass","year":"2003","unstructured":"Pass, R.: Simulation in Quasi-Polynomial Time, and Its Application to Protocol Composition. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol.\u00a02656, pp. 160\u2013176. Springer, Heidelberg (2003)"},{"key":"11_CR30","doi-asserted-by":"crossref","unstructured":"Pass, R.: Limits of provable security from standard assumptions. In: Fortnow, L., Vadhan, S.P. (eds.) 43rd Annual ACM Symposium on Theory of Computing, pp. 109\u2013118. ACM Press (June 2011)","DOI":"10.1145\/1993636.1993652"},{"issue":"3","key":"11_CR31","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1007\/s001450010003","volume":"13","author":"D. Pointcheval","year":"2000","unstructured":"Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. Journal of Cryptology\u00a013(3), 361\u2013396 (2000)","journal-title":"Journal of Cryptology"},{"key":"11_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11593447_1","volume-title":"Advances in Cryptology - ASIACRYPT 2005","author":"P. Paillier","year":"2005","unstructured":"Paillier, P., Vergnaud, D.: Discrete-Log-Based Signatures May Not Be Equivalent\u00a0to\u00a0Discrete\u00a0Log. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol.\u00a03788, pp. 1\u201320. Springer, Heidelberg (2005)"},{"issue":"3","key":"11_CR33","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"C.-P. Schnorr","year":"1991","unstructured":"Schnorr, C.-P.: Efficient signature generation by smart cards. Journal of Cryptology\u00a04(3), 161\u2013174 (1991)","journal-title":"Journal of Cryptology"},{"key":"11_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"554","DOI":"10.1007\/978-3-642-29011-4_33","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"Y. Seurin","year":"2012","unstructured":"Seurin, Y.: On the Exact Security of Schnorr-Type Signatures in the Random Oracle Model. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol.\u00a07237, pp. 554\u2013571. Springer, Heidelberg (2012)"},{"key":"11_CR35","doi-asserted-by":"crossref","unstructured":"Wichs, D.: Barriers in cryptography with weak, correlated and leaky sources. Cryptology ePrint Archive, Report 2012\/459 (2012), http:\/\/eprint.iacr.org\/","DOI":"10.1145\/2422436.2422451"}],"container-title":["Lecture Notes in Computer Science","Theory of Cryptography"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-36594-2_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,4,29]],"date-time":"2025-04-29T20:11:22Z","timestamp":1745957482000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-36594-2_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642365935","9783642365942"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-36594-2_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013]]}}}