Short Signatures from the Weil Pairing

Boneh, Dan; Lynn, Ben; Shacham, Hovav

doi:10.1007/3-540-45682-1_30

Cited by 2,049 publications

(1,220 citation statements)

References 17 publications

Supporting

Mentioning

1,152

Contrasting

Unclassified

Order By: Relevance

“…Moreover, comparing with the schemes [1,5,16], the signature size is shorter for the same security level since our scheme is operating over an elliptic curve (so in the security parameter k is different). The signing algorithm will be similar to that of [8] if we store the fixed part in the signature for later use. Although MMM scheme has unbounded time periods, it still depends on the current time period parameter in the key update algorithm.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Yet Another Forward Secure Signature from Bilinear Pairings

Kim

2006

Information Security and Cryptology - ICISC 2005

View full text Add to dashboard Cite

Abstract. In this work, we have proposed yet another forward secure signature based on bilinear pairings. Our forward secure signature requires the general security parameters only independent to the total number of time periods. The scheme can perform key evolving for unlimited time periods while maintaining sizes of keys and signature fixed. In addition, the signing algorithm is very efficient with the simple verification algorithm. We also provide a formal definition along with a detailed security proof of our signature scheme under the assumption of Computational Diffie-Hellman problem.

show abstract

Section: Discussionmentioning

confidence: 99%

“…A group, where the CDH problem is hard but the DDH problem is easy, is called Gap Diffie-Hellman (GDH ) group. Details about GDH groups can be found in [7], [8], and [17].…”

Section: Non-degenerate: If E(p Pmentioning

confidence: 99%

Yet Another Forward Secure Signature from Bilinear Pairings

Kim

2006

Information Security and Cryptology - ICISC 2005

View full text Add to dashboard Cite

show abstract

“…The lookup servers must not learn the public key P j a , however. In the remainder of this section, we show that by making the dictionary key for the short-term database to be the common result of the two pairings in BLS signature verification [9], the lookup servers can ensure that when Alice's friends look up her presence record in the shortterm database (using her public key P j a ), only Alice could have produced the required signature checked by the lookup server, even though the lookup server does not itself learn Alice's public key. In Appendix A, we give an alternate construction that uses more standard digital signatures, but using one-time-use public/private key pairs derived from P j a during each shortterm epoch.…”

Section: Dp5 Overviewmentioning

confidence: 99%

“…We can define an analogous game for short-term presence. A presence registration requires H(t i ) x , which is a BLS signature [9] on the epoch number t i . The security of BLS for Type-3 curves was proven by Chatterjee et al under an assumption they call Co-DHP*, which they show to be equivalent to Co-DHP [8] under a uniform generator assumption [12].…”

Section: Dp5: a Private Presence Servicementioning

confidence: 99%

DP5: A Private Presence Service

Borisov

Danezis

Goldberg

2015

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Users of social applications like to be notified when their friends are online. Typically, this is done by a central server keeping track of who is online and offline, as well as of all of the users' "buddy lists", which contain sensitive information. We present DP5, a cryptographic service that implements online presence indication in a privacy-friendly way. DP5 allows clients to register their online presence and query the presence of their list of friends while keeping this list secret. Besides presence, high-integrity status updates are supported, to facilitate key update and rendezvous protocols. While infrastructure services are required for DP5 to operate, they are designed to not require any long-term secrets and provide perfect forward secrecy in case of compromise. We provide security arguments for the indistinguishability properties of the protocol, as well as an evaluation of its scalability and performance.

show abstract

“…A digital signature is generated with the signer's private key so that anyone can verify it with the signer's corresponding public key. There are two types of digital signatures including deterministic [2] and probabilistic [5]. A probabilistic signature scheme employs random numbers into the process of signature generation.…”

Section: Introductionmentioning

confidence: 99%

ID-Based Non-Interactive Universal Designated Verifier Signature for Privacy-Preserving Applications

Lin¹

2015

IJCTE

View full text Add to dashboard Cite

Abstract-A Universal Designated Verifier Signature (UDVS) scheme is an ideal mechanism for preventing any signature holder from arbitrarily disseminating the signature, so as to protect the privacy of original signer. Such schemes are suitable for applications like the certificate of medical records and income summary, etc. In this scheme, a signature holder (designator) can generate a designated verifier signature which can only be verified by an intended verifier. Additionally, the verifier cannot transfer his proof to any third party, since he is also capable of simulating a computationally indistinguishable transcript. In this paper, the author proposes a new ID-based non-interactive UDVS scheme based on the assumption of Bilinear Diffie-Hellman Problem (BDHP). To ensure the security of proposed scheme, the requirement of strong unforgeability is formally proved in the random oracle model. Compared with previous works, our mechanism also provides better functionalities.Index Terms-Universal designated verifier signature, bilinear pairings, privacy-preserving, random oracle, public key system.

show abstract

Short Signatures from the Weil Pairing

Cited by 2,049 publications

References 17 publications

Yet Another Forward Secure Signature from Bilinear Pairings

Yet Another Forward Secure Signature from Bilinear Pairings

DP5: A Private Presence Service

ID-Based Non-Interactive Universal Designated Verifier Signature for Privacy-Preserving Applications

Contact Info

Product

Resources

About