This note continues a sequence of attempts to define efficient digital signature schemes based on low-degree polynomials, or to break such schemes. We consider a scheme proposed by Satoh and Araki (1997), which generalizes the Ong-Schnorr-Shamir scheme to the noncommutative ring of quaternions. We give two different ways to break the scheme.
By: Don Coppersmith
Published in: Journal of Cryptology , volume 14, (no 2), pages 77-85 in 2001
Please obtain a copy of this paper from your local library. IBM cannot distribute this paper externally.Questions about this service can be mailed to reports@us.ibm.com .