A course in number theory and cryptography
A course in number theory and cryptography
A new signature scheme based on the DSA giving message recovery
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Use of Elliptic Curves in Cryptography
CRYPTO '85 Advances in Cryptology
Formal Security Proofs for a Signature Scheme with Partial Message Recovery
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Efficient Identity Based Signature Schemes Based on Pairings
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
Authentication of Concast Communication
INDOCRYPT '02 Proceedings of the Third International Conference on Cryptology: Progress in Cryptology
Provably Secure Implicit Certificate Schemes
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
A Nyberg-Rueppel Signature for Multiple Messages and Its Batch Verification
ISC '02 Proceedings of the 5th International Conference on Information Security
Encrypted Message Authentication by Firewalls
PKC '99 Proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography
On the Security of Lenstra's Variant of DSA without Long Inversions
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Solving the invalid signer-verified signature problem and comments on Xia-You group signature
Journal of Systems and Software
Efficient authenticated key agreement protocols resistant to a denial-of-service attack
International Journal of Network Management
ACM SIGOPS Operating Systems Review
A distributed multi-party key agreement protocol for dynamic collaborative groups using ECC
Journal of Parallel and Distributed Computing - 19th International parallel and distributed processing symposium
A new convertible authenticated encryption scheme with message linkages
Computers and Electrical Engineering
A Convertible Multi-Authenticated Encryption scheme for group communications
Information Sciences: an International Journal
Threshold authenticated encryption scheme using labor-division signature
Computer Standards & Interfaces
Double-Exponentiation in Factor-4 Groups and Its Applications
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
Comments on the 'm out of n oblivious transfer'
Information Processing Letters
Server(prover/signer)-aided verification of identity proofs and signatures
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
EC transactions use different web-based platforms
ICCS'03 Proceedings of the 2003 international conference on Computational science: PartII
A practical identity-based signature scheme from bilinear map
EUC'07 Proceedings of the 2007 conference on Emerging direction in embedded and ubiquitous computing
Comments on the security of Chen's authenticated encryption scheme
Computers and Electrical Engineering
SOFSEM'06 Proceedings of the 32nd conference on Current Trends in Theory and Practice of Computer Science
Robust authenticated encryption scheme with message linkages
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part IV
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
On the security of two improved authenticated encryption schemes
International Journal of Security and Networks
Message transmission for GH-public key cryptosystem
Journal of Computational and Applied Mathematics
| Hi-index | 0.00 |
The new signature scheme presented by the authors in [13] is the first signature scheme based on the discrete logarithm problem that gives message recovery. The purpose of this paper is to show that the message recovery feature is independent of the choice of the signature equation and that all ElGamal-type schemes have variants giving message recovery. For each of the six basic ElGamal-type signature equations five variants are presented with different properties regarding message recovery, length of commitment and strong equivalence. Moreover, the six basic signature schemes have different properties regarding security and implementation. It turns out that the scheme proposed in [13] is the only inversionless scheme whereas the message recovery variant of the DSA requires computing of inverses in both generation and verification of signatures. In general, message recovery variants can be given for ElGamal-type signature schemes over any group with large cyclic subgroup as the multiplicative group of GF(2n) or elliptic curve over a finite field.The present paper also shows how to integrate the DLP-based message recovery schemes with secret session key establishment and ElGamal encryption. In particular, it is shown that with DLP-based schemes the same functionality as with RSA can be obtained. However, the schemes are not as elegant as RSA in the sense that the signature (verification) function cannot at the same time be used as the decipherment (encipherment) function.