How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
On blind signatures and perfect crimes
Computers and Security
Untraceable off-line cash in wallet with observers
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Protocol failure in the escrowed encryption standard
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
How to break fraud-detectable key recovery
ACM SIGOPS Operating Systems Review
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Wallet Databases with Observers
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Mix-Networks on Permutation Networks
ASIACRYPT '99 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)
TCS '00 Proceedings of the International Conference IFIP on Theoretical Computer Science, Exploring New Frontiers of Theoretical Informatics
Efficient Electronic Cash with Restricted Privacy
FC '97 Proceedings of the First International Conference on Financial Cryptography
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
On the difficulty of software key escrow
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Binding ElGamal: a fraud-detectable alternative to key-escrow proposals
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
A formal approach to security architectures
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Hi-index | 0.00 |
An analysis of integrity services in cryptologic protocols is presented. The informal syntax, to be presented, attempts to model the integrity service as a property that is transferred from a key to a message. The message can, in turn, be a key. The modeling presupposes confidentiality and integrity to be the atomic properties or services offered by cryptologic algorithms. More complex algorithms and protocols, such as those for digital signature, identification protocols and nonmalleable encryption, are considered to be ensembles of these services. This paper concentrates only on the analysis of the integrity service in signature techniques based on the proof of knowledge of discrete logarithm. The paper will demonstrate the usefulness of this modeling by identifying flaws in the recent proposals for an efficient electronic cash system and a key-recovery system.