Identity-Based Encryption from the Weil Pairing
SIAM Journal on Computing
Identity-Based Encryption from the Weil Pairing
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Short Signatures from the Weil Pairing
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Proxy re-signatures: new definitions, algorithms, and applications
Proceedings of the 12th ACM conference on Computer and communications security
Improved proxy re-encryption schemes with applications to secure distributed storage
ACM Transactions on Information and System Security (TISSEC)
Towards a secure and interoperable DRM architecture
Proceedings of the ACM workshop on Digital rights management
Multi-signatures in the plain public-Key model and a general forking lemma
Proceedings of the 13th ACM conference on Computer and communications security
Multi-use unidirectional proxy re-signatures
Proceedings of the 15th ACM conference on Computer and communications security
Proxy re-signature schemes without random oracles
INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
Efficient identity-based encryption without random oracles
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Hi-index | 0.00 |
In proxy re-signature (PRS), a semi-trusted proxy, with some additional information (a.k.a., re-signature key), can transform Alice's (delegatee) signature into Bob's (delegator) signature on the same message, but cannot produce an arbitrary signature on behalf of either the delegatee or the delegator. In this paper, we investigate the security model of proxy re-signature, and find that the previous security model proposed by Ateniese and Honhenberger at ACM CCS 2005 (referred to as the AH model) is not complete since it does not cover all possible attacks. In particular, the attack on the unidirectional proxy re-signature with private re-signature key. To show this, we artificially design such a proxy re-signature scheme, which is proven secure in the AH model but suffers from a specific attack. Furthermore, we propose a new security model to solve the problem of the AH model. Interestingly, the previous two private re-signature key, unidirectional proxy re-signature schemes (one is proposed by Ateniese and Honhenberger at ACM CCS 2005, and the other is proposed by Libert and Vergnaud at ACM CCS 2008), which are proven secure in the AH model, can still be proven secure in our security model.