A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Simulation-Based Security with Inexhaustible Interactive Turing Machines
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
The reactive simulatability (RSIM) framework for asynchronous systems
Information and Computation
Rethinking accountable privacy supporting services: extended abstract
Proceedings of the 4th ACM workshop on Digital identity management
On the Portability of Generalized Schnorr Proofs
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Signature Schemes with Bounded Leakage Resilience
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A signature scheme with efficient protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Efficient non-interactive proof systems for bilinear groups
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
P-signatures and noninteractive anonymous credentials
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Structure-preserving signatures and commitments to group elements
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Credential authenticated identification and key exchange
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Optimistic fair exchange of digital signatures
IEEE Journal on Selected Areas in Communications
Group to group commitments do not shrink
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Efficient structure-preserving signature scheme from standard assumptions
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
On the (im)possibility of projecting property in prime-order setting
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
| Hi-index | 0.00 |
In this paper we present the first CCA-secure public key encryption scheme that is structure preserving, i.e., our encryption scheme uses only algebraic operations. In particular, it does not use hash-functions or interpret group elements as bit-strings. This makes our scheme a perfect building block for cryptographic protocols where parties for instance want to prove properties about ciphertexts to each other or to jointly compute ciphertexts. Our scheme is very efficient and is secure against adaptive chosen ciphertext attacks. We also provide a few example protocols for which our scheme is useful. For instance, we present an efficient protocol for two parties, Alice and Bob, that allows them to jointly encrypt a given function of their respective secret inputs such that only Bob learns the resulting ciphertext, yet they are both ensured of the computation's correctness. This protocol serves as a building block for our second contribution which is a set of protocols that implement the concept of so-called oblivious trusted third parties. This concept has been proposed before, but no concrete realization was known.