Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
Proceedings on Advances in cryptology---CRYPTO '86
Proceedings on Advances in cryptology---CRYPTO '86
A secure and privacy-protecting protocol for transmitting personal information between organizations
Proceedings on Advances in cryptology---CRYPTO '86
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Subliminal-free authentication and signature
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Zero-knowledge proofs of identity
Journal of Cryptology
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
SIAM Journal on Computing
Identity-Based Encryption from the Weil Pairing
SIAM Journal on Computing
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A "Paradoxical" Indentity-Based Signature Scheme Resulting from Zero-Knowledge
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
The Power of RSA Inversion Oracles and the Security of Chaum's RSA-Based Blind Signature Scheme
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
Efficient Zero-Knowledge Proofs of Knowledge Without Intractability Assumptions
PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
How to Utilize the Randomness of Zero-Knowledge Proofs
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
On Defining Proofs of Knowledge
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Signature schemes and applications to cryptographic protocol design
Signature schemes and applications to cryptographic protocol design
The exact security of digital signatures-how to sign with RSA and Rabin
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Universal designated verifier signature proof (or how to efficiently prove knowledge of a signature)
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Efficient identity-based encryption without random oracles
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Efficient Deniable Authentication for Signatures
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Non-interactive confirmer signatures
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Cryptography and Security
| Hi-index | 0.00 |
We address the case in credential systems where a credential owner wants to show her credential to a verifier without taking the risk that the ability to prove ownership of the same (and any other) credential is transferred to the verifier. We define credential ownership proof protocols for credentials signed by standard signature schemes. We also propose proper security definitions for the protocol, aiming to protect the security of both the credential issuer and the credential owner against concurrent attacks. We give two generic constructions of credential ownership proofs based on identity-based encryption and identity-based identification schemes. Furthermore, we show that signatures with credential ownership proofs are equivalent to identity-based identification schemes, in the sense that any secure construction of each implies a secure construction of the other. Finally, we show that the GQ identification protocol yields an efficient credential ownership proof for credentials signed by the RSA-FDH signature scheme of Bellare and Rogaway and prove the protocol concurrently-secure.