Practical short signature batch verification
In many applications, it is desirable to work with signatures that are short, and yet where
many messages from different signers be verified very quickly. RSA signatures satisfy the …
many messages from different signers be verified very quickly. RSA signatures satisfy the …
Batch verification of short signatures
J Camenisch, S Hohenberger, MØ Pedersen - Advances in Cryptology …, 2007 - Springer
With computer networks spreading into a variety of new environments, the need to
authenticate and secure communication grows. Many of these new environments have …
authenticate and secure communication grows. Many of these new environments have …
Removing escrow from identity-based encryption: New security notions and key management techniques
SSM Chow - International workshop on public key cryptography, 2009 - Springer
Key escrow is inherent in identity-based encryption (IBE). A curious key generation center
(KGC) can simply generate the user's private key to decrypt a ciphertext. However, can a …
(KGC) can simply generate the user's private key to decrypt a ciphertext. However, can a …
Blind identity-based encryption and simulatable oblivious transfer
M Green, S Hohenberger - International Conference on the Theory and …, 2007 - Springer
In an identity-based encryption (IBE) scheme, there is a key extraction protocol where a user
submits an identity string to a master authority who then returns the corresponding secret …
submits an identity string to a master authority who then returns the corresponding secret …
Simulation without the artificial abort: Simplified proof and improved concrete security for Waters' IBE scheme
M Bellare, T Ristenpart - Annual International Conference on the Theory …, 2009 - Springer
Waters' variant of the Boneh-Boyen IBE scheme is attractive because of its efficency,
applications, and security attributes, but suffers from a relatively complex proof with poor …
applications, and security attributes, but suffers from a relatively complex proof with poor …
Verifiable random functions from weaker assumptions
T Jager - Theory of Cryptography: 12th Theory of Cryptography …, 2015 - Springer
The construction of a verifiable random function (VRF) with large input space and full
adaptive security from a static, non-interactive complexity assumption, like decisional Diffie …
adaptive security from a static, non-interactive complexity assumption, like decisional Diffie …
Anonymous hierarchical identity-based encryption with constant size ciphertexts
We propose an anonymous Hierarchical Identity-Based Encryption (anonymous HIBE)
scheme that has constant size ciphertexts. This means the size of the ciphertext does not …
scheme that has constant size ciphertexts. This means the size of the ciphertext does not …
Batch verification of short signatures
J Camenisch, S Hohenberger, MØ Pedersen - Journal of cryptology, 2012 - Springer
With computer networks spreading into a variety of new environments, the need to
authenticate and secure communication grows. Many of these new environments have …
authenticate and secure communication grows. Many of these new environments have …
On the security of padding-based encryption schemes–or–why we cannot prove OAEP secure in the standard model
E Kiltz, K Pietrzak - Advances in Cryptology-EUROCRYPT 2009: 28th …, 2009 - Springer
We investigate the security of “padding-based” encryption schemes in the standard model.
This class contains all public-key encryption schemes where the encryption algorithm first …
This class contains all public-key encryption schemes where the encryption algorithm first …
New privacy-preserving architectures for identity-/attribute-based encryption
SM Chow - 2010 - search.proquest.com
The notion of identity-based encryption (IBE) was proposed as an economical alternative to
public-key infrastructures. IBE is also a useful building block in various cryptographic …
public-key infrastructures. IBE is also a useful building block in various cryptographic …