A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
How to construct efficient signcryption schemes on elliptic curves
Information Processing Letters
Securely combining public-key cryptosystems
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Authenticated-encryption with associated-data
Proceedings of the 9th ACM conference on Computer and communications security
Universal Padding Schemes for RSA
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Digital Signcryption or How to Achieve Cost(Signature & Encryption)
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
On the Security of Joint Signature and Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Defective Sign & Encrypt in S/MIME, PKCS#7, MOSS, PEM, PGP, and XML
Proceedings of the General Track: 2002 USENIX Annual Technical Conference
Formal Proofs for the Security of Signcryption
PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
On the power of claw-free permutations
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Two birds one stone: signcryption using RSA
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Signcryption Scheme in Multi-user Setting without Random Oracles
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Chosen Ciphertext Security with Optimal Ciphertext Overhead
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Security of Provably Secure Multi-Receiver ID-Based Signcryption Scheme
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Security of practical cryptosystems using Merkle-Damgård hash function in the ideal cipher model
ProvSec'11 Proceedings of the 5th international conference on Provable security
ECGSC: elliptic curve based generalized signcryption
UIC'06 Proceedings of the Third international conference on Ubiquitous Intelligence and Computing
Improved signcryption from q-Diffie-Hellman problems
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Certificateless KEM and hybrid signcryption schemes revisited
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
On the joint security of encryption and signature, revisited
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Hi-index | 0.00 |
We propose several highly-practical and optimized constructions for joint signature and encryption primitives often referred to as signcryption. All our signcryption schemes, built directly from trapdoor permutations such as RSA, share features such as simplicity, efficiency, generality, near-optimal exact security, flexible and ad-hoc key management, key reuse for sending/receiving data, optimally-low message expansion, "backward" use for plain signature/encryption, long message and associated data support, the strongest-known qualitative security and, finally, complete compatibility with the PKCS#1 infrastructure. Similar to the design of plain RSA-based signature and encryption schemes, such as RSA-FDH and RSA-OAEP, our signcryption schemes are constructed by designing appropriate padding schemes suitable for use with trapdoor permutations. We build a general and flexible framework for the design and analysis of secure Feistel-based padding schemes, as well as three composition paradigms for using such paddings to build optimized signcryption schemes. To unify many secure padding options offered as special cases of our framework, we construct a single versatile padding scheme PSEP which, by simply adjusting the parameters, can work optimally with any of the three composition paradigms for either signature, encryption, or signcryption. We illustrate the utility of our signcryption schemes by applying them to build a secure key-exchange protocol, with performance results showing 3x-5x speed-up compared to standard protocols.