Confidential Signatures and Deterministic Signcryption
نویسندگان
چکیده
Encrypt-and-sign, where one encrypts and signs a message in parallel, is usually not recommended for confidential message transmission as the signature may leak information about the message. This motivates our investigation of confidential signature schemes, which hide all information about (high-entropy) input messages. In this work we provide a formal treatment of confidentiality for such schemes. We give constructions meeting our notions, both in the random oracle model and the standard model. As part of this we show that full domain hash signatures achieve a weaker level of confidentiality than Fiat-Shamir signatures. We then examine the connection of confidential signatures to signcryption schemes. We give formal security models for deterministic signcryption schemes for high-entropy and low-entropy messages, and prove encrypt-andsign to be secure for confidential signature schemes and high-entropy messages. Finally, we show that one can derandomize any signcryption scheme in our model and obtain a secure deterministic scheme.
منابع مشابه
Anonymous ID Based Signcryption Scheme for Multiple Receivers
Anonymous signcryption is synonyms of ring signcryption which provides anonymity of the sender along with the advantages of signcryption. Multi receiver signcryption is suited for situation where a sender wants to send a message to multiple receivers in the confidential and authenticated way. This paper proposes an identity based anonymous signcryption scheme in multireceiver setting. It also p...
متن کاملA Multi-Receiver ID-Based Generalized Signcryption Scheme
Generalized signcryption(GSC) can adaptively work as an encryption scheme, a signature scheme or a signcryption scheme with only one algorithm. In this paper, the formal definition and security notions of multi-receiver identity-based generalized signcryption (MID-GSC) are defined. A concrete scheme is also proposed and proved to be confidential under the Bilinear Diffie-Hellman (BDH) assumptio...
متن کاملAn Efficient and Publicly Verifiable Id-Based Multi-Signcryption Scheme
Multi-signcryption is used when different senders wants to authenticate a single message without revealing it. This paper proposes a multi signcryption scheme in which no pairing is computed on the signcryption stage and the signatures can be verified publicly.
متن کاملAn Effective Model for Signcryption using Attribute based Encryption
Secret and secure delivery of message is most important issue in field of security hence signcryption were used. The term signcryption is referred as a technique of encrypting the data with the use of signatures in area of public key cryptography. A signcryption technique is a combination of digital signature which is used for authentication and public key cryptography which is used for securin...
متن کاملCryptanalysis of Attribute-based Ring Signcryption Scheme
Signcryption can offer authentication and confidentiality simultaneously with better efficiency than traditional signature-then-encryption approach. Ring signature enables a user to conscribe arbitrarily a group of ring members and sign a message on behalf of the ring (which includes himself) without revealing his real identity. By integrating the notion of signcryption and ring signature, ring...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2009 شماره
صفحات -
تاریخ انتشار 2009