-
Chapter and Conference Paper
Short Unique Signatures from RSA with a Tight Security Reduction (in the Random Oracle Model)
A signature scheme is unique if for every public key and message there is only one signature that is accepted as valid by the verification algorithm. At Crypto 2017, Guo, Chen, Susilo, Lai, Yang, and Mu gave a...
-
Chapter and Conference Paper
Rethinking Verifiably Encrypted Signatures: A Gap in Functionality and Potential Solutions
Verifiably encrypted signatures were introduced by Boneh, Gentry, Lynn, and Shacham in 2003, as a non-interactive analogue to interactive protocols for verifiable encryption of signatures. As their name sugges...
-
Chapter and Conference Paper
The k-BDH Assumption Family: Bilinear Map Cryptography from Progressively Weaker Assumptions
Over the past decade bilinear maps have been used to build a large variety of cryptosystems. In addition to new functionality, we have concurrently seen the emergence of many strong assumptions. In this work, ...
-
Chapter and Conference Paper
Careful with Composition: Limitations of the Indifferentiability Framework
We exhibit a hash-based storage auditing scheme which is provably secure in the random-oracle model (ROM), but easily broken when one instead uses typical indifferentiable hash constructions. This contradicts ...
-
Chapter and Conference Paper
Limitations on Transformations from Composite-Order to Prime-Order Groups: The Case of Round-Optimal Blind Signatures
Beginning with the work of Groth and Sahai, there has been much interest in transforming pairing-based schemes in composite-order groups to equivalent ones in prime-order groups. A method for achieving such tr...
-
Chapter and Conference Paper
Hedged Public-Key Encryption: How to Protect against Bad Randomness
Public-key encryption schemes rely for their IND-CPA security on per-message fresh randomness. In practice, randomness may be of poor quality for a variety of reasons, leading to failure of the schemes. Expect...
-
Chapter and Conference Paper
Reconstructing RSA Private Keys from Random Key Bits
We show that an RSA private key with small public exponent can be efficiently recovered given a 0.27 fraction of its bits at random. An important application of this work is to the “cold boot” attacks of Halde...
-
Chapter and Conference Paper
Randomizable Proofs and Delegatable Anonymous Credentials
We construct an efficient delegatable anonymous credentials system. Users can anonymously and unlinkably obtain credentials from any authority, delegate their credentials to other users, and prove possession o...
-
Chapter and Conference Paper
Compact Proofs of Retrievability
In a proof-of-retrievability system, a data storage center convinces a verifier that he is actually storing all of a client’s data. The central challenge is to build systems that are both efficient and provably s...
-
Chapter and Conference Paper
Efficient Ring Signatures Without Random Oracles
We describe the first efficient ring signature scheme secure, without random oracles, based on standard assumptions. Our ring signatures are based in bilinear groups. For l members of a ring our signatures consis...
-
Chapter and Conference Paper
Sequential Aggregate Signatures and Multisignatures Without Random Oracles
We present the first aggregate signature, the first multisignature, and the first verifiably encrypted signature provably secure without random oracles. Our constructions derive from a novel application of a r...
-
Chapter and Conference Paper
Short Group Signatures
We construct a short group signature scheme. Signatures in our scheme are approximately the size of a standard RSA signature with the same security. Security of our group signature is based on the Strong Diffi...
-
Chapter and Conference Paper
Sequential Aggregate Signatures from Trapdoor Permutations
An aggregate signature scheme (recently proposed by Boneh, Gentry, Lynn, and Shacham) is a method for combining n signatures from n different signers on n different messages into one signature of unit length. We ...
-
Chapter and Conference Paper
Aggregate and Verifiably Encrypted Signatures from Bilinear Maps
An aggregate signature scheme is a digital signature that supports aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into a single shor...
-
Chapter and Conference Paper
Improving SSL Handshake Performance via Batching
We present an algorithmic approach for speeding up SSL’s performance on a web server. Our approach improves the performance of SSL’s handshake protocol by up to a factor of 2.5 for 1024-bit RSA keys. It is des...
-
Chapter and Conference Paper
Short Signatures from the Weil Pairing
We introduce a short signature scheme based on the Computational Diffie-Hellman assumption on certain elliptic and hyper-elliptic curves. The signature length is half the size of a DSA signature for a similar ...