Two remarks concerning the Goldwasser-Micali-Rivest signature scheme
Proceedings on Advances in cryptology---CRYPTO '86
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Journal of Computer and System Sciences
Perfectly one-way probabilistic hash functions (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Extracting randomness: a survey and new constructions
Journal of Computer and System Sciences
Lattice Attacks on Digital Signature Schemes
Designs, Codes and Cryptography
SIAM Journal on Computing
On the Exact Security of Full Domain Hash
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Towards Realizing Random Oracles: Hash Functions That Hide All Partial Information
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Digital Signcryption or How to Achieve Cost(Signature & Encryption)
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
On the Security of Joint Signature and Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
How to Fool an Unbounded Adversary with a Short Key
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Formal Proofs for the Security of Signcryption
Journal of Cryptology
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Deterministic Encryption: Definitional Equivalences and Constructions without Random Oracles
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
The exact security of digital signatures-how to sign with RSA and Rabin
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Pseudorandom function tribe ensembles based on one-way permutations: improvements and applications
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Anonymous signatures made easy
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Deterministic and efficiently searchable encryption
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Entropic security and the encryption of high entropy messages
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Dynamic attribute-based signcryption without random oracles
International Journal of Applied Cryptography
Dynamic attribute-based signcryption without random oracles
International Journal of Applied Cryptography
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Hi-index | 0.00 |
Encrypt-and-sign, where one encrypts and signs a message in parallel, is usually not recommended for confidential message transmission as the signature may leak information about the message. This motivates our investigation of confidential signature schemes, which hide all information about (high-entropy) input messages. In this work we provide a formal treatment of confidentiality for such schemes. We give constructions meeting our notions, both in the random oracle model and the standard model. As part of this we show that full domain hash signatures achieve a weaker level of confidentiality than Fiat-Shamir signatures. We then examine the connection of confidential signatures to signcryption schemes. We give formal security models for deterministic signcryption schemes for high-entropy and low-entropy messages, and prove encrypt-and-sign to be secure for confidential signature schemes and high-entropy messages. Finally, we show that one can derandomize any signcryption scheme in our model and obtain a secure deterministic scheme.