Proactive public key and signature systems

Herzberg, Amir; Jakobsson, Markus; Jarecki, Stanislław; Krawczyk, Hugo; Yung, Moti

doi:10.1145/266420.266442

Cited by 175 publications

(127 citation statements)

References 42 publications

Supporting

Mentioning

127

Contrasting

Order By: Relevance

“…There are numerous instantiations of this idea including threshold signatures [7] and proactive signatures [14]. Distribution however is quite costly.…”

Section: The Key Exposure Problemmentioning

confidence: 99%

A Forward-Secure Digital Signature Scheme

Bellare

Miner

1999

Lecture Notes in Computer Science

398

366

View full text Add to dashboard Cite

Abstract. We describe a digital signature scheme in which the public key is fixed but the secret signing key is updated at regular intervals so as to provide a forward security property: compromise of the current secret key does not enable an adversary to forge signatures pertaining to the past. This can be useful to mitigate the damage caused by key exposure without requiring distribution of keys. Our construction uses ideas from the Fiat-Shamir and Ong-Schnorr identification and signature schemes, and is proven to be forward secure based on the hardness of factoring, in the random oracle model. The construction is also quite efficient.

show abstract

“…There are numerous instantiations of this idea including threshold signatures [7] and proactive signatures [14]. Distribution however is quite costly.…”

Section: The Key Exposure Problemmentioning

confidence: 99%

A Forward-Secure Digital Signature Scheme

Bellare

Miner

1999

Lecture Notes in Computer Science

398

366

View full text Add to dashboard Cite

show abstract

“…Early work in the field is due to Boyd [7], Desmedt [19], Croft and Harris [17], Frankel [24], and Desmedt and Frankel [20]. Work in threshold cryptography for discrete-log based cryptosystems includes, for example, Desmedt and Frankel [20], Hwang [32], Pedersen [40], Cerecedo et al [12], Harn [30], Langford [34], Gennaro et al [29], Park and Kurosawa [39], Herzberg et al [31], and Frankel et al [26].…”

Section: Related Workmentioning

confidence: 99%

An Efficient Two-Party Public Key Cryptosystem Secure against Adaptive Chosen Ciphertext Attack

MacKenzie

2002

Public Key Cryptography — PKC 2003

View full text Add to dashboard Cite

Abstract.We propose an efficient two-party public key cryptosystem that is secure against adaptive chosen ciphertext attack, based on the hardness of Decision Diffie-Hellman (DDH). Specifically, we show that the two parties together can decrypt ciphertexts, but neither can alone. Our system is based on the Cramer-Shoup cryptosystem. Previous results on efficient threshold cryptosystems secure against adaptive chosen ciphertext attack required either (1) a strict majority of uncorrupted decryption servers, and thus do not apply to the two-party scenario, or (2) the random oracle assumption, and thus were not proven secure in the "standard" model.

show abstract

“…For [21] allow multiple trusted third parties to sign a message using a single signature key while the secret shares held by each signer for constructing the signature key can be refreshed periodically in a way that the signature key (and its corresponding verification key) is kept unchanged.…”

Section: Securing Trusted Third Party's Signaturesmentioning

confidence: 99%