Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Accountable-subgroup multisignatures: extended abstract
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
On the Exact Security of Full Domain Hash
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Weakness in Some Threshold Cryptosystems
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
A Digital Multisignature Scheme Based on the Fiat-Shamir Scheme
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
On the Risk of Disruption in Several Multiparty Signature Schemes
ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Short Signatures from the Weil Pairing
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
On Defining Proofs of Knowledge
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Stateful public-key cryptosystems: how to encrypt with one 160-bit exponentiation
Proceedings of the 13th ACM conference on Computer and communications security
Multi-signatures in the plain public-Key model and a general forking lemma
Proceedings of the 13th ACM conference on Computer and communications security
A "Paradoxical" Solution To The Signature Problem
SFCS '84 Proceedings of the 25th Annual Symposium onFoundations of Computer Science, 1984
Zero-knowledge proofs of knowledge without interaction
SFCS '92 Proceedings of the 33rd Annual Symposium on Foundations of Computer Science
Designated verifier proofs and their applications
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Efficient ring signatures without random oracles
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
A closer look at PKI: security and efficiency
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Aggregate and verifiably encrypted signatures from bilinear maps
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Designated verifier signature schemes: attacks, new security notions and a new construction
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Designated verifier signatures: anonymity and efficient construction from any bilinear map
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Communication-efficient non-interactive proofs of knowledge with online extractors
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Efficient identity-based encryption without random oracles
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Perfect non-interactive zero knowledge for NP
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
The security of triple encryption and a framework for code-based game-playing proofs
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Sequential aggregate signatures and multisignatures without random oracles
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Ring signatures: stronger definitions, and constructions without random oracles
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Rogue-key attacks on the multi-designated verifiers signature scheme
Information Processing Letters
Multisignatures Using Proofs of Secret Key Possession, as Secure as the Diffie-Hellman Problem
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Multisignatures as Secure as the Diffie-Hellman Problem in the Plain Public-Key Model
Pairing '09 Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography
On Tamper-Resistance from a Theoretical Viewpoint
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Key Evolution Systems in Untrusted Update Environments
ACM Transactions on Information and System Security (TISSEC)
Non-interactive multisignatures in the plain public-key model with efficient verification
Information Processing Letters
Breaking Pomykala-Barabasz Threshold Proxy Signature Scheme
Fundamenta Informaticae
Non-interactive editable signatures for assured data provenance
Proceedings of the first ACM conference on Data and application security and privacy
Relaxed security notions for signatures of knowledge
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
How to aggregate the CL signature scheme
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Non-interactive CDH-based multisignature scheme in the plain public key model with tighter security
ISC'11 Proceedings of the 14th international conference on Information security
Provable security of S-BGP and other path vector protocols: model, analysis and extensions
Proceedings of the 2012 ACM conference on Computer and communications security
| Hi-index | 0.01 |
Multiparty signature protocols need protection against rogue-key attacks, made possible whenever an adversary can choose its public key(s) arbitrarily. For many schemes, provable security has only been established under the knowledge of secret key(KOSK) assumption where the adversary is required to reveal the secret keys it utilizes. In practice, certifying authorities rarely require the strong proofs of knowledge of secret keys required to substantiate the KOSK assumption. Instead, proofs of possession(POPs) are required and can be as simple as just a signature over the certificate request message. We propose a general registered keymodel, within which we can model both the KOSK assumption and in-use POP protocols. We show that simple POP protocols yield provable security of Boldyreva's multisignature scheme [11], the LOSSW multisignature scheme [28], and a 2-user ring signature scheme due to Bender, Katz, and Morselli [10]. Our results are the firstto provide formal evidence that POPs can stop rogue-key attacks.