Signature Schemes Based on the Strong RSA Assumption

Ronald Cramer, Victor Shoup

Research output: Contribution to journalArticlepeer-review


We describe and analyze a new digital signature scheme. The new scheme is quite efficient, does not require the the signer to maintain any state, and can be proven secure against adaptive chosen message attack under a reasonable intractability assumption, the so-called strong RSA assumption. Moreover, a hash function can be incorporated into the scheme in such a way that it is also secure in the random oracle model under the standard RSA assumption.

Original languageEnglish (US)
Pages (from-to)161-185
Number of pages25
JournalACM Transactions on Information and System Security
Issue number3
StatePublished - Aug 1 2000


  • Algorithms
  • RSA
  • Security
  • Theory
  • digital signatures
  • provable security

ASJC Scopus subject areas

  • General Computer Science
  • Safety, Risk, Reliability and Quality


Dive into the research topics of 'Signature Schemes Based on the Strong RSA Assumption'. Together they form a unique fingerprint.

Cite this