The Schnorr signature scheme [6] is derived from Schnorr's identification protocol using the Fiat– Shamir heuristic [2]. The resulting digital signature scheme is related to the Digital Signature Standard (DSS). As in DSS, the system works in a subgroup of the group \(\mathbb{Z}_{p}^{\ast}\) for some prime number p. The resulting signatures have the same length as DSS signatures. The signature scheme works as follows:
Key Generation. Same as in the DSS system. Given two security parameters \(\tau, \lambda \in \mathbb{Z}\) (\(\tau > \lambda\)) as input do the following:
- 1.
Generate a random λ-bit prime q.
- 2.
Generate a random τ-bit prime prime p such that q divides \(p-1\).
- 3.
Pick an element \(g \in \mathbb{Z}_{p}^{\ast}\) of order q.
- 4.
Pick a random integer \(\alpha \in [1,q]\) and compute \(y = g^\alpha \in \mathbb{Z}_{p}^{\ast}\).
- 5.
Let H be a hash function \(H:\{0,1\}^* \to \mathbb{Z}_q\).
The resulting public key is \((p,q,g,y,H)\). The private key is \((p,q,g,\alpha,H)\).
...- 1.
References
Abdalla, M., J. An, M. Bellare, and C. Namprempre (2002). “From identification to signatures via the fiat-shamir transform: Minimizing assumptions for security and forward-security.” Advances in Cryptology—EUROCRYPT 2004, Lecture Notes in Computer Science, vol. 2332, ed. Lars Knudsen. Springer-Verlag, Berlin, 418–33.
Fiat, Amos and Adi Shamir (1986). “How to prove yourself: Practical solutions to identification and signature problems.” Advances in Cryptology—CRYPTO'86, Lecture Notes in Computer Science, vol. 263, ed. Andrew M. Odlyzko. Springer-Verlag, Berlin, 186–194.
Lenstra, Arjen and Eric Verheul (2001). “Selecting cryptographic key sizes.” Journal of Cryptology, 14 (4), 255–293.
Menezes, Alfred J., Paul C. van Oorschot, and Scott A. Vanstone (1997). Handbook of Applied Cryptography. CRC Press, Boca Raton, FL.
Ohta, Kazuo and Tatsuaki Okamoto (1998). “On concrete security treatment of signatures derived from identification.” Advances in Cryptology—CRYPTO'98, Lecture Notes in Computer Science, vol. 1462, ed. H. Krawczyk. Springer-Verlag, Berlin, 354–369.
Schnorr, C. (1991). “Efficient signature generation by smart cards.” Journal of Cryptology, 4 (3), 161–174.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 International Federation for Information Processing
About this entry
Cite this entry
Boneh, D. (2005). Schnorr Digital Signature Scheme. In: van Tilborg, H.C.A. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA . https://doi.org/10.1007/0-387-23483-7_369
Download citation
DOI: https://doi.org/10.1007/0-387-23483-7_369
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-23473-1
Online ISBN: 978-0-387-23483-0
eBook Packages: Computer ScienceReference Module Computer Science and Engineering