New Paradigms for Constructing Symmetric Encryption Schemes Secure against Chosen-Ciphertext Attack
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Time-lock Puzzles and Timed-release Crypto
RSA-OAEP Is Secure under the RSA Assumption
Journal of Cryptology
Scalable, Server-Passive, User-Anonymous Timed Release Cryptography
ICDCS '05 Proceedings of the 25th IEEE International Conference on Distributed Computing Systems
Practical electronic lotteries with offline TTP
Computer Communications
Conditional oblivious transfer and timed-release encryption
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Public-key encryption in a multi-user setting: security proofs and improvements
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Chosen-ciphertext security of multiple encryption
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Token-controlled public key encryption
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
Time-based release of confidential information in hierarchical settings
ISC'05 Proceedings of the 8th international conference on Information Security
Certificateless public key encryption without pairing
ISC'05 Proceedings of the 8th international conference on Information Security
Timed-release encryption with pre-open capability and its application to certified e-mail system
ISC'05 Proceedings of the 8th international conference on Information Security
Efficient and non-interactive timed-release encryption
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
A generic construction for token-controlled public key encryption
FC'06 Proceedings of the 10th international conference on Financial Cryptography and Data Security
Security-Mediated certificateless cryptography
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Revisiting the security model for timed-release encryption with pre-open capability
ISC'07 Proceedings of the 10th international conference on Information Security
General Certificateless Encryption and Timed-Release Encryption
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Timed-Release Encryption Revisited
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
In many financial or legal scenarios (such as trading stocks, wills and safe-deposit boxes), we want to ensure that a certain task (reading the buy/sell instruction, obtaining the property, or opening the box in emergencies, respectively) cannot be performed until a certain time or until a certain pre-defined condition occurs. Token-controlled public key encryption (TCE), introduced in [2], is a handy tool for these situations. Roughly speaking, in TCE a message is encrypted under a public key together with a secret token, such that the receiver holding the corresponding private key cannot decrypt until the token is released. TCE is also useful in rapid distribution of information, sealed-bid auctions, etc. At Financial Cryptography 2006, Galindo and Herranz [15] proposed a generic construction of TCE in the random oracle model. However, we show that it is insecure against insider attack; namely, a malicious user without the token can learn partial information about the message. We propose a strengthened definition of security, and also new privacy requirements. It turns out that [15] is also insecure against outsider attack under our new definition. We then give a new generic construction, provably secure in the standard model, which is nearly as efficient as a standard public key encryption scheme.