We use bounds of exponential sums to show that, for a wide class of parameters, the modification of the digital signature algorithm (DSA) scheme proposed by A.K. Lenstra (see Proc. Asiacrypt'96, Lect. Notes in Comp. Sci., vol.1163, p.57-64, 1996) is as secure as the original scheme
Mathias Josef Payer, Fei Wang, Duo Xu, Xiangyu Zhang
Alexandre Massoud Alahi, Kathrin Grosse