Abstract

At a coffee house in Berkeley around 1975, Whitfield Diffie described a problem to me that he had been trying to solve: constructing a digital signature for a document. I immediately proposed a solution. Though not very practical–it required perhaps 64 bits of published key to sign a single bit–it was the first digital signature algorithm. Diffie and Hellman mention it in their classic paper:

Whitfield Diffie and Martin E. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory IT-22, 6 (1976), 644-654.
(I think it’s at the bottom right of page 650.)

In 1978, Michael Rabin published a paper titled Digitalized Signatures containing a more practical scheme for generating digital signatures of documents. (I don’t remember what other digital signature algorithms had already been proposed.) However, his solution had some drawbacks that limited its utility. This report describes an improvement to Rabin’s algorithm that eliminates those drawbacks.

I’m not sure why I never published this report. However, I think it was because, after writing it, I realized that the algorithm could be fairly easily derived directly from Rabin’s algorithm. So, I didn’t feel that it added much to what Rabin had done. However, I’ve been told that this paper is cited in the cryptography literature and is considered significant, so perhaps I was wrong.