Verifiably Encrypted Signatures from RSA without NIZKs

Rückert, Markus

doi:10.1007/978-3-642-10628-6_24

Cited by 12 publications

(5 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since VES gives a solution to fair exchange between distrusted parties, many VES schemes have been proposed [3]- [5] which can be used in fair signature exchange, certified e-mails etc. The first VES in the standard model is proposed by Lu et al in 2013 [6].…”

Section: B Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Lattice-Based Encrypted Verifiably Encryption Signature Scheme for the Fair and Private Electronic Commence

Wang

Shi

2019

IEEE Access

View full text Add to dashboard Cite

To achieve the fairness and the privacy of the e-commence, and also to consider the quantum security of the e-commence, a lattice-based encrypted verifiably encryption signature scheme (EVES) is proposed in this paper. We achieve the strong unforgeability and the opacity properties in the standard model over lattice without the help of the lattice-based delegation technologies which is one of main tools to achieve the standard model security for the lattice-based cryptography. It is shown that the proposed scheme can be used to design a fair and privacy-preserving e-commence system in cloud, not only for business-to-customer business(B2C) but also for customer-to-customer business(C2C). The main reason is that the verifier can read the details of the EVES by easily computation operations before the EVES is verified. Then the seller who acts as a verifier in EVES scheme can ask a proxy sever to deal the business for him. Then the seller does not need to keep online for most of time. Moreover, we compare the proposed EVES with some known lattice-based VES schemes. Besides the proposed scheme achieves the more cryptographic functions, such as EVES vs VES and standard model vs random oracle model etc., the proposed scheme even has some advantage about the computation cost compared with known lattice-based VES schemes.

show abstract

Section: B Related Workmentioning

confidence: 99%

“…If we considered the quantum attack, these VES [3]- [5] and EVES schemes [2], [7] are not secure under the quantum attack. Lattice-based cryptography is known for its post-quantum security.…”

Section: B Related Workmentioning

confidence: 99%

Lattice-Based Encrypted Verifiably Encryption Signature Scheme for the Fair and Private Electronic Commence

Wang

Shi

2019

IEEE Access

View full text Add to dashboard Cite

show abstract

“…However, the TTP must generate and store the respective public key according to the public key of each signer choosing the TTP as adjudicator. Rückert proposed a VES based on RSA signatures and a Merkle hash tree without pairings and zero‐knowledge proofs. The scheme is stateful and relies on non‐standard security assumptions in the random oracle model.…”

Section: Introductionmentioning

confidence: 99%

Certificate‐based verifiably encrypted RSA signatures

Shao¹,

Gao

2013

Trans. Emerging Tel. Tech.

View full text Add to dashboard Cite

The RSA signature scheme is one of the most popular signature schemes to date. This paper proposes a certificate-based verifiably encrypted RSA signature scheme that is the first to accomplish optimistic fair exchange of the standard RSA signatures. The main characteristic of this scheme is that the signer can unilaterally choose a certificate authority as his/her adjudicator in fair exchange. Then a certificate, or generally, a signature, acts not only as the binding of the public key and its holder but also as the certificate authority's guarantee against partiality in adjudication. We introduce a strong security model, in which there are three types of inside adversaries with more power than outside adversaries in previous verifiably encrypted RSA signature schemes. We then show that the proposed scheme is existentially unforgeable under the Discrete Logarithm (DL) assumption, the Computational Diffile-Dellman (CDH) assumption, and the RSA assumption in the random oracle model. Because the proposed scheme can be directly used in the current Public-Key Infrastructure (PKI) environment, it is more practical and trustworthy than the previous schemes in the real world.

show abstract

“…As there are too many VES constructions in the literature to enumerate here, we focus on three (which we picked to demonstrate different types of schemes): the original BGLS construction [5], which is based on pairings and the BLS signature scheme [6], a construction due to Lu et al [12] that is also based on pairings but uses the Waters signature [17], and a construction due to Rückert [14] that is based on the RSA signature scheme.…”

Section: Existing Schemes Satisfy Resolution Independencementioning

confidence: 99%

“…Rückert [14]. Rückert's construction is a stateful VES based on the RSA signature scheme, which we recall works as follows: keys are of the form pk := (N, e) and sk := (pk , d), where N = pq and e and d are values such that ed ≡ 1 mod φ(N ).…”

Section: Existing Schemes Satisfy Resolution Independencementioning

confidence: 99%

Rethinking Verifiably Encrypted Signatures: A Gap in Functionality and Potential Solutions

Calderon

Meiklejohn

Shacham

et al. 2014

Topics in Cryptology – CT-RSA 2014

View full text Add to dashboard Cite

Abstract. Verifiably encrypted signatures were introduced by Boneh, Gentry, Lynn, and Shacham in 2003, as a non-interactive analogue to interactive protocols for verifiable encryption of signatures. As their name suggests, verifiably encrypted signatures were intended to capture a notion of encryption, and constructions in the literature use public-key encryption as a building block. In this paper, we show that previous definitions for verifiably encrypted signatures do not capture the intuition that encryption is necessary, by presenting a generic construction of verifiably encrypted signatures from any signature scheme. We then argue that signatures extracted by the arbiter from a verifiably encrypted signature object should be distributed identically to ordinary signatures produced by the original signer, a property that we call resolution independence. Our generic construction of verifiably encrypted signatures does not satisfy resolution independence, whereas all previous constructions do. Finally, we introduce a stronger but less general version of resolution independence, which we call resolution duplication. We show that verifiably encrypted signatures that satisfy resolution duplication generically imply public-key encryption.

show abstract

Verifiably Encrypted Signatures from RSA without NIZKs

Cited by 12 publications

References 20 publications

Lattice-Based Encrypted Verifiably Encryption Signature Scheme for the Fair and Private Electronic Commence

Lattice-Based Encrypted Verifiably Encryption Signature Scheme for the Fair and Private Electronic Commence

Certificate‐based verifiably encrypted RSA signatures

Rethinking Verifiably Encrypted Signatures: A Gap in Functionality and Potential Solutions

Contact Info

Product

Resources

About