Share on Facebook Tweet on Twitter Share on LinkedIn Share by email
Formally Certifying the Security of Digital Signature Schemes

Santiago Zanella-Béguelin, Benjamin Grégoire, Gilles Barthe, and Federico Olmedo


We present two machine-checked proofs of the existential unforgeability under adaptive chosen-message attacks of the full domain hash signature scheme. These proofs formalize the original argument of Bellare and Rogaway, and an optimal reduction by Coron that provides a tighter bound on the probability of a forgery. Both proofs are developed using CertiCrypt, a general framework to formalize exact security proofs of cryptographic systems in the computational model. Since CertiCrypt is implemented on top of theCoq proof assistant, the proofs are highly trustworthy and can beverified independently and fully automatically.


Publication typeInproceedings
Published in30th IEEE Symposium on Security and Privacy, S&P 2009
PublisherIEEE Computer Society
> Publications > Formally Certifying the Security of Digital Signature Schemes