Short Signatures from the Weil Pairing
Journal of Cryptology
Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups
Journal of Cryptology
Server-Aided Verification Signatures: Definitions and New Constructions
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
Practical Short Signature Batch Verification
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Aggregate and verifiably encrypted signatures from bilinear maps
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Identity-based online/offline key encapsulation and encryption
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Secure mobile subscription of sensor-encrypted data
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Server-Aided verification: theory and practice
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Efficient identity based ring signature
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Identity-based online/offline key encapsulation and encryption
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Secure mobile subscription of sensor-encrypted data
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
A pre-computable signature scheme with efficient verification for RFID
ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
Server-aided identity-based anonymous broadcast encryption
International Journal of Security and Networks
| Hi-index | 0.00 |
Wireless handheld devices which support e-mail and web browsing are increasingly popular. The authenticity of the information received is important, especially for business uses. In server-aided verification (SAV), a substantial part of the verification computation can be offloaded to a powerful but possibly untrusted server. This allows resource-constrained devices to enjoy the security guarantees provided by cryptographic schemes, such as pairing-based signatures, which may be too heavyweight to verify otherwise. To gain unfair advantage, an adversary may bribe the server to launch various kinds of attacks --- to convince that an invalid signature held by a client is a valid one (say for providing false information or repudiable commitment) or to claim that a valid signature is invalid (say for spoiling the offer provided by an opponent). However, these concerns are not properly captured by existing security models. In this paper, we provide a generic pairing-based SAV protocol. Compared with the protocol of Girault and Lefranc in Asiacrypt '05, ours provides a higher level of security yet applicable to a much wider class of pairing-based cryptosystems. In particular, it suggests SAV protocols for short signatures in the standard model and aggregate signatures which have not been studied before.