A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Complexity and Fast Algorithms for Multiexponentiations
IEEE Transactions on Computers
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Identity-Based Encryption from the Weil Pairing
SIAM Journal on Computing
Algorithms for Multi-exponentiation
SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
Efficient Identity Based Signature Schemes Based on Pairings
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
An Identity-Based Signature from Gap Diffie-Hellman Groups
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Short Signatures from the Weil Pairing
Journal of Cryptology
Group signatures with verifier-local revocation
Proceedings of the 11th ACM conference on Computer and communications security
Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups
Journal of Cryptology
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Batch Verification of Short Signatures
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
General Certificateless Encryption and Timed-Release Encryption
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Server-Aided Verification Signatures: Definitions and New Constructions
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
Practical Short Signature Batch Verification
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Aggregate and verifiably encrypted signatures from bilinear maps
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Identity-based broadcast encryption with constant size ciphertexts and private keys
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Provably secure server-aided verification signatures
Computers & Mathematics with Applications
Non-interactive confirmer signatures
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Identity-based online/offline key encapsulation and encryption
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Secure mobile subscription of sensor-encrypted data
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
New privacy-preserving architectures for identity-/attribute-based encryption
New privacy-preserving architectures for identity-/attribute-based encryption
Server-Aided verification: theory and practice
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Short undeniable signatures without random oracles: the missing link
INDOCRYPT'05 Proceedings of the 6th international conference on Cryptology in India
Enhanced aggregate signatures from pairings
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
Efficient identity based ring signature
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Collusion resistant broadcast encryption with short ciphertexts and private keys
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Efficient identity-based encryption without random oracles
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Fuzzy identity-based encryption
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Security-Mediated certificateless cryptography
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Sequential aggregate signatures and multisignatures without random oracles
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Secure delegation of elliptic-curve pairing
CARDIS'10 Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application
SPICE: simple privacy-preserving identity-management for cloud environment
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
Wireless handheld devices are increasingly popular. The authenticity of the information or a program to be downloaded is important, especially for business uses. In server-aided verification (SAV), a substantial part of the verification computation can be offloaded to an untrusted server. This allows resource-constrained devices to enjoy the security guarantees provided by cryptographic schemes, such as pairing-based signatures, which may be too heavyweight to verify otherwise. To gain unfair advantage, an adversary may bribe (or collude with) the server either to convince that an invalid signature is a valid one or to claim that a valid signature is invalid (say for providing repudiable information/commitment, or spoiling an opponent's offer). However, these concerns are not properly captured by existing models. In this paper, we infer the meaning behind and point out the subtleties in existing models; and propose a new model to capture the collusion attack. We also show that two existing schemes are insecure in their own model. Finally, we provide a generic pairing-based SAV protocol. Compared with the protocol of Girault-Lefranc in Asiacrypt '05, ours provides a higher level of security yet applicable to a much wider class of pairing-based cryptosystems. In particular, it suggests SAV protocols for short signatures in the standard model and aggregate signatures which have not been studied before.