GMR (signature process)

from Wikipedia, the free encyclopedia

GMR is a digital signature process that is named after its inventors Shafi Goldwasser , Silvio Micali and Ronald L. Rivest .

Like RSA , GMR is based on the factoring assumption that there are bijective functions that can be calculated quickly, but for which the calculation of the inverse function is very time-consuming.
In contrast to RSA, however, it can be proven for GMR that even in the case of an adaptive active attack it is not possible to forge even a new signature.

The procedure in detail

You need a collision-resistant pair of permutations with a secret with the domain of definition . The owner of the secret can calculate the inverse functions and easily. It's difficult for everyone else.

In order to sign a single message, the sender must choose a reference at random and publish it authentically. In order to sign an n-bit message , it calculates the signature . The receiver can calculate the inverse function of this and compare the result with the reference.

Obviously the problem is to publish a new reference for each message. This is done with reference trees.

Individual evidence

  1. Shafi Goldwasser, Silvio Micali and Ronald L. Rivest: A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks . ( ).