Mitigating phishing with ID-based online/offline authentication

  • Authors: Qiong Ren; Yi Mu; Willy Susilo

  • Affiliations: University of Wollongong, NSW, Australia (all authors)

  • Venue: AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
  • Year: 2008

Abstract

Enforcing strong authentication is one option for mitigating phishing. However, existing authentication methods, such as traditional digital signatures, require an unrealistic full deployment of public key infrastructure (PKI) and destroy email users' privacy, in that the identity of an email sender is automatically revealed to the public. Some works in the literature adopt deniable authentication, which protects the sender's privacy. However, the additional computation this introduces into the system is an obvious drawback. In this paper, we introduce the notion of online/offline authentication into anti-phishing, in order to construct an efficient and secure anti-phishing scheme. It is commonly known that a generic online/offline signature can be constructed from a traditional chameleon function. Nevertheless, a standard chameleon function suffers from so-called key-exposure attacks. To tackle this issue, we propose an efficient chameleon function without key exposure, which is especially suitable for constructing efficient online/offline signatures that are applicable to mitigating phishing. We also demonstrate how to apply our novel scheme to a traditional email system.