From 6d31826076f8059777e022d927325f2368f68143 Mon Sep 17 00:00:00 2001
From: zooko <>
Date: Sun, 18 Apr 2010 21:49:28 +0000
Subject: [PATCH] add the Goh et al. tight-to-CDH signature scheme

[Imported from Trac: page Bibliography, version 53]
---
 Bibliography.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Bibliography.md b/Bibliography.md
index bb4a4c5..2b3b6dd 100644
--- a/Bibliography.md
+++ b/Bibliography.md
@@ -21,6 +21,10 @@ Here are some papers that are potentially of interest.
 
 [Vector permutations and AES](http://crypto.stanford.edu/vpaes/) The fast and timing-resistant implementations of Mike Hamburg using vector permute instructions (read: pshufb and vperm).
 
+### Public Key Cryptography
+
+[Efficient Signature Schemes with Tight Reductions to the Diffie-Hellman Problems](http://www.cs.umd.edu/~jkatz/papers/dh-sigs-full.pdf) Scheme 1 in this paper comes with a tight reduction to the Computational Diffie-Hellman problem, which means it is definitely at least as secure as any discrete-log-based scheme and could be more secure. It also has a good pedigree (having been suggested by David Chaum et al. in 1989 and having been proven to tightly reduce to Computational Diffie-Hellman by Katz et al. in 2003). It also has a nice short public key, which could be good for fitting it into our capability security schemes.
+
 ### Elliptic Curve Cryptography
 
 [ECC Brainpool Standard Curves and Curve Generation](http://tools.ietf.org/html/draft-lochter-pkix-brainpool-ecc-03) new elliptic curve parameters which come with a proof that they were generated deterministically and pseudorandomly from the first few bits of pi, as well as proofs that they are immune to certain other potential cryptographic weaknesses.