In previous sections, we discussed signature schemes (Full-Domain-Hash RSA signatures and PSS in Section 3.3.5; the Fiat–Shamir signature scheme in Section 4.2.5) that include a hash function h and whose security can be proven in the random oracle model. It is assumed that the hash function h is a random oracle, i.e., it behaves like a perfectly random function (see Sections 2.2.4 and 3.3.5).
Swipe to navigate through the chapters of this book
Please log in to get access to this content
To get access to this content you need the following product:
- Provably Secure Digital Signatures
- Springer Berlin Heidelberg
- Sequence number
- Chapter number