![Loading...](https://link.springer.com/static/c4a417b97a76cc2980e3c25e2271af3129e08bbe/images/pdf-preview/spacer.gif)
-
Chapter and Conference Paper
Careful with Composition: Limitations of the Indifferentiability Framework
We exhibit a hash-based storage auditing scheme which is provably secure in the random-oracle model (ROM), but easily broken when one instead uses typical indifferentiable hash constructions. This contradicts ...
-
Chapter and Conference Paper
Limitations on Transformations from Composite-Order to Prime-Order Groups: The Case of Round-Optimal Blind Signatures
Beginning with the work of Groth and Sahai, there has been much interest in transforming pairing-based schemes in composite-order groups to equivalent ones in prime-order groups. A method for achieving such tr...
-
Chapter and Conference Paper
Hedged Public-Key Encryption: How to Protect against Bad Randomness
Public-key encryption schemes rely for their IND-CPA security on per-message fresh randomness. In practice, randomness may be of poor quality for a variety of reasons, leading to failure of the schemes. Expect...
-
Chapter and Conference Paper
Compact Proofs of Retrievability
In a proof-of-retrievability system, a data storage center convinces a verifier that he is actually storing all of a client’s data. The central challenge is to build systems that are both efficient and provably s...
-
Chapter and Conference Paper
Efficient Ring Signatures Without Random Oracles
We describe the first efficient ring signature scheme secure, without random oracles, based on standard assumptions. Our ring signatures are based in bilinear groups. For l members of a ring our signatures consis...
-
Chapter and Conference Paper
Sequential Aggregate Signatures and Multisignatures Without Random Oracles
We present the first aggregate signature, the first multisignature, and the first verifiably encrypted signature provably secure without random oracles. Our constructions derive from a novel application of a r...
-
Chapter and Conference Paper
Short Group Signatures
We construct a short group signature scheme. Signatures in our scheme are approximately the size of a standard RSA signature with the same security. Security of our group signature is based on the Strong Diffi...
-
Chapter and Conference Paper
Sequential Aggregate Signatures from Trapdoor Permutations
An aggregate signature scheme (recently proposed by Boneh, Gentry, Lynn, and Shacham) is a method for combining n signatures from n different signers on n different messages into one signature of unit length. We ...
-
Chapter and Conference Paper
Aggregate and Verifiably Encrypted Signatures from Bilinear Maps
An aggregate signature scheme is a digital signature that supports aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into a single shor...
-
Chapter and Conference Paper
Short Signatures from the Weil Pairing
We introduce a short signature scheme based on the Computational Diffie-Hellman assumption on certain elliptic and hyper-elliptic curves. The signature length is half the size of a DSA signature for a similar ...