Practical and provably secure release of a secret and exchange of signatures
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Optimistic protocols for fair exchange
Proceedings of the 4th ACM conference on Computer and communications security
Signature schemes based on the strong RSA assumption
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
ACISP '97 Proceedings of the Second Australasian Conference on Information Security and Privacy
A Fair Protocol for Signing Contracts (Extended Abstract)
Proceedings of the 12th Colloquium on Automata, Languages and Programming
Abuse-Free Optimistic Contract Signing
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Off-Line Fair Payment Protocols Using Convertible Signatures
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
A Statistically-Hiding Integer Commitment Scheme Based on Groups with Hidden Order
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Client/Server Tradeoffs for Online Elections
PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
Simple and fast optimistic protocols for fair electronic exchange
Proceedings of the twenty-second annual symposium on Principles of distributed computing
Constructing fair-exchange protocols for E-commerce via distributed computation of RSA signatures
Proceedings of the twenty-second annual symposium on Principles of distributed computing
Breaking and repairing optimistic fair exchange from PODC 2003
Proceedings of the 3rd ACM workshop on Digital rights management
Public-key cryptosystems based on composite degree residuosity classes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Efficient proofs that a committed number lies in an interval
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Aggregate and verifiably encrypted signatures from bilinear maps
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Stand-Alone and setup-free verifiably committed signatures
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Optimistic fair exchange of digital signatures
IEEE Journal on Selected Areas in Communications
Security Analysis of Zhu-Bao's Verifiably Committed Signature
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Efficient Fair Exchange from Identity-Based Signature
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Multi-party stand-alone and setup-free verifiably committed signatures
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Further observations on optimistic fair exchange protocols in the multi-user setting
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
| Hi-index | 0.00 |
Two notions regarding fair exchange protocols have been introduced and formalized in the literature – one is verifiably encrypted signatures; the other is verifiably committed signatures. Thus it is always interesting to explore relationship between two notions. In this paper, we first show that the existence of verifiably encrypted signatures implies the existence of the verifiably committed signatures while the existence of verifiably committed signatures does not imply the existence of verifiably encrypted signatures. As a result, the notion of verifiably committed signatures is a general extension of the notion of verifiably encrypted signatures. The state-of-the-art verifiably committed signature that enjoys the off-line, setup-free and stand-alone properties is due to Zhu and Bao [21]. The main criticism of their paper is the use of Boudot's protocol which is pretty expensive indeed. This paper further makes contributions regarding the removal of Boudot's protocol from their construction [21]. To cope with this challenge problem, we provide a general construction of stand-alone and setup-free verifiably committed signatures from Schnorr's signature without the help of Boudot's protocol. We show that our implementation is provably secure in the random oracle model assuming that the underlying Schnorr's signature scheme is secure against adaptive chosen message attack and Paillier's encryption scheme is one-way. Since Cramer-Shoup's trapdoor hash signature is of ad hoc structure, we can embed the discrete logarithm structure where Schnorr's signature is defined into Cramer-Shoup's scheme and then apply the proved result to the verifiably committed signature of [21].