How to prove all NP-statements in zero-knowledge, and a methodology of cryptographic protocol design
Proceedings on Advances in cryptology---CRYPTO '86
Non-interactive zero-knowledge and its applications
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Foundations of Cryptography: Basic Tools
Foundations of Cryptography: Basic Tools
Digital Signcryption or How to Achieve Cost(Signature & Encryption)
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
On the Security of Joint Signature and Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
A Signcryption Scheme with Signature Directly Verifiable by Public Key
PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Formal Proofs for the Security of Signcryption
Journal of Cryptology
Efficient Constructions of Signcryption Schemes and Signcryption Composability
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
On Generic Constructions of Designated Confirmer Signatures
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Public-key cryptosystems based on composite degree residuosity classes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Provably secure encrypt-then-sign composition in hybrid signcryption
ICISC'02 Proceedings of the 5th international conference on Information security and cryptology
New DSA-verifiable signcryption schemes
ICISC'02 Proceedings of the 5th international conference on Information security and cryptology
Efficient non-interactive proof systems for bilinear groups
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Efficient confirmer signatures from the "signature of a commitment" paradigm
ProvSec'10 Proceedings of the 4th international conference on Provable security
Identity based public verifiable signcryption scheme
ProvSec'10 Proceedings of the 4th international conference on Provable security
Efficient generic constructions of signcryption with insider security in the multi-user setting
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Efficient short signcryption scheme with public verifiability
Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
Hybrid signcryption schemes with outsider security
ISC'05 Proceedings of the 8th international conference on Information Security
Non-interactive zero-knowledge from homomorphic encryption
TCC'06 Proceedings of the Third conference on Theory of Cryptography
A public key cryptosystem and a signature scheme based on discrete logarithms
IEEE Transactions on Information Theory
Constructing practical signcryption KEM from standard assumptions without random oracles
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
Signcryption is a primitive which simultaneously performs the functions of both signature and encryption in a way that is more efficient than signing and encrypting separately. We study in this paper constructions of signcryption schemes from basic cryptographic mechanisms; our study concludes that the known constructions require expensive encryption in order to attain confidentiality, however some adjustments make them rest on cheap encryption without compromising their security. Our constructions further enjoy verifiability which entitles the sender or the receiver to prove the validity of a signcryption with/out revealing the signcrypted message. They also allow the receiver to release some information which allows anyone to publicly verify a signcryption on a given message. Finally, our constructions accept efficient instantiations if the building blocks belong to a wide class of signature/encryption schemes.