A public key cryptosystem and a signature scheme based on discrete logarithms
Proceedings of CRYPTO 84 on Advances in cryptology
Gradual and Verifiable Release of a Secret
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
A Practical and Provably Secure Coalition-Resistant Group Signature Scheme
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
How to win the clonewars: efficient periodic n-times anonymous authentication
Proceedings of the 13th ACM conference on Computer and communications security
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Practical Anonymous Divisible E-Cash from Bounded Accumulators
Financial Cryptography and Data Security
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Universally Composable Adaptive Oblivious Transfer
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient Protocols for Set Membership and Range Proofs
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Controlling Access to an Oblivious Database Using Stateful Anonymous Credentials
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Realizing Hash-and-Sign Signatures under Standard Assumptions
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Compact E-Cash and Simulatable VRFs Revisited
Pairing '09 Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography
Proofs on Encrypted Values in Bilinear Groups and an Application to Anonymity of Signatures
Pairing '09 Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography
Short and Stateless Signatures from the RSA Assumption
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Group Encryption: Non-interactive Realization in the Standard Model
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient proofs that a committed number lies in an interval
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
A signature scheme with efficient protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Efficient non-interactive proof systems for bilinear groups
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Anonymity in transferable e-cash
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
P-signatures and noninteractive anonymous credentials
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Structure-preserving signatures and commitments to group elements
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Optimal structure-preserving signatures in asymmetric bilinear groups
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Simulation-sound NIZK proofs for a practical language and constant size group signatures
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
A cryptographic framework for the controlled release of certified data
SP'04 Proceedings of the 12th international conference on Security Protocols
Efficient identity-based encryption without random oracles
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Balancing accountability and privacy using e-cash (extended abstract)
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Non-interactive zaps and new techniques for NIZK
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
k-times anonymous authentication with a constant proving cost
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Perfect non-interactive zero knowledge for NP
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Compact e-cash from bounded accumulator
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Constant-Size structure-preserving signatures: generic constructions and simple assumptions
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Hi-index | 0.00 |
Suppose we have a signature scheme for signing elements of message space $\mathcal{M}_1$, but we need to sign messages from $\mathcal{M}_2$. The traditional approach of applying a collision resistant hash function from $\mathcal{M}_1$ to $\mathcal{M}_2$ can be inconvenient when the signature scheme is used within more complex protocols, for example if we want to prove knowledge of a signature. Here, we present an alternative approach in which we can combine a signature for $\mathcal{M}_1$, a pairwise independent hash function with key space $\mathcal{M}_1$ and message space $\mathcal{M}_2$, and a non-interactive zero knowledge proof system to obtain a signature scheme for message space $\mathcal{M}_2$. This transform also removes any dependence on state in the signature for $\mathcal{M}_1$. As a result of our transformation we obtain a new signature scheme for signing a vector of group elements that is based only on the decisional linear assumption (DLIN). Moreover, the public keys and signatures of our scheme consist of group elements only, and a signature is verified by evaluating a set of pairing-product equations, so the result is a structure-preserving signature. In combination with the Groth-Sahai proof system, such a signature scheme is an ideal building block for many privacy-enhancing protocols.