Verifiably Encrypted Signatures from RSA without NIZKs.

Verifiably encrypted signature (VES) schemes allow a signer to encrypt a signature under the public key of a trusted party, the adjudicator, while maintaining public signature verifiability without interactive ... This paper answers the question of whether it is possible to implement a VES without pairings and zero-knowledge proofs. Our construction is based on RSA signatures and a Merkle hash tree. ... Unforgeability requires that it is hard to forge a verifiably encrypted signature and opacity implies that it is difficult to extract an ordinary signature from a verifiably encrypted signature without ...

doi:10.1007/978-3-642-10628-6_24 fatcat:llofbxqea5bcpncx63yrsesydu

So we propose a more authentication scheme that overcomes these attacks and flaws by make use of efficient verifiable encryption of RSA signatures. ... ., credential recovering attack and impersonation attack without credentials. ... Signature hiding means that an attacker cannot extract a signature from VES without help from the user who encrypted the signature or the trusted authority who can decrypt a VES. ...

doi:10.5815/ijitcs.2014.07.06 fatcat:dp7udsjouvb75myypps5q6ucu4

Open Access

Implementations of RSA Encryption schemes were done with C#; the scheme was compared with earlier constructed schemes to verify its performance. ... I was observed that these processes: signing, encryption, decryption and verification proved more efficient when compared to existing schemes using standard parameters. ... Computing Digital Signature The RSA digital signature private keys are used to sign, and the corresponding public keys are used to verify. ...

doi:10.20533/ijicr.2042.4655.2015.0072 fatcat:s6xpkqgxobdibmkgp5a3wlb65i

For example, an RSA key pair should be used only for public-key encryption or only for digital signatures, and not for both. ... Among public-key signature schemes, we analyze those of Cramer and Shoup and of Gennaro, Halevi, and Rabin in the standard model, while in the randomoracle model we analyze the RSA PSS scheme as well as ... The signature is (σ, R). To verify the signature the verifier computes e = H(R, m) and verifies that σ e = s mod n. ...

doi:10.1145/501983.502013 dblp:conf/ccs/HaberP01 fatcat:2arxeim56zgg7jkvtjurswrafu

RSA algorithm and Attribute Based Encryption (ABE) is used for encryption and decryption of messages in which ABE tends to be more efficient than RSA based algorithm. ... Chang-Lee coined a new SSO scheme which makes use of SCPC for mutual authentication and session key establishment whereas Schnorr signature makes use of TCP which generates and verifies the signature for ... RSA based Verifiable Encryption of Signature(RSA-VES) RSA based Verifiable Encryption of Signatures (RSA-VES), which is an efficient primitive for fair exchange of RSA signatures. ...

doi:10.1016/j.procs.2015.03.228 fatcat:xo3nmx4mhzhwjewn3o7k76p2wi

Open Access

While the original prototype implementation of zkay (v0.1) demonstrates the feasibility of the approach, its proof-of-concept implementation suffers from severe limitations such as insecure encryption ... In particular, zkay v0.2 supports state-of-the-art asymmetric and hybrid encryption, introduces many new language features (such as function calls, private control flow, and extended type support), allows ... a secret to be hidden from the verifier. ...

arXiv:2009.01020v2 fatcat:dglbn5wogfeo3aae4sl4oha544

Multiple Versions

In particular, it is only slightly more involved than the Naor-Yung encryption scheme that is secure against passive chosen-ciphertext attacks (CCA1). ... In this paper we present a simpler construction of a public-key encryption scheme that achieves adaptive chosen ciphertext security (CCA2), assuming the existence of trapdoor permutations. ... Acknowledgements We thank Amit Sahai for pointing out to us that the soundness of the simulation-sound NIZK can be made unconditional by using a commitment scheme with negligible support. ...

doi:10.1007/s00145-005-0345-x fatcat:a2dymtqm2jcu5liwrivqjp2fl4

In particular, it is only slightly more involved than the Naor-Yung encryption scheme that is secure against passive chosen-ciphertext attacks (CCA1). ... In this paper we present a simpler construction of a public-key encryption scheme that achieves adaptive chosen ciphertext security (CCA2), assuming the existence of trapdoor permutations. ... Acknowledgements We thank Amit Sahai for pointing out to us that the soundness of the simulation-sound NIZK can be made unconditional by using a commitment scheme with negligible support. ...

doi:10.1007/3-540-39200-9_15 fatcat:dbelrdhnabcwvchs4frpck7nb4

Moreover, by employing an efficient verifiable encryption of RSA signatures proposed by Ateniese, we propose an improvement for repairing Chang-Lee scheme. ... Moreover, by employing an efficient verifiable encryption of RSA signatures proposed by Ateniese, we propose an improvement for repairing the Chang-Lee scheme. ... To this end, we employ the efficient RSA-based verifiable encryption of signatures (VES) proposed by Ateniese [21] to verifiably and securely encrypt a user's credential. ...

doi:10.1109/tii.2012.2215877 fatcat:f46aasuporabde47tvkygkmd4y

Accountable ring signatures imply traditional ring and group signatures. ... Ring signatures and group signatures are prominent cryptographic primitives offering a combination of privacy and authentication. ... The research leading to these results has received funding from the European Research Council under the European Union's Seventh Framework Programme (FP/2007-2013) / ERC Grant Agreement n. 307937 and EPSRC ...

doi:10.1007/978-3-319-24174-6_13 fatcat:flp2cxh6vndfxfyqbj5qa37u5m

Specifically we can (1) Add signing capability to existing encryption capability with zero overhead in the size of the public key (2) Obtain RKA-secure signatures from any RKA-secure one-way function, ... Key-versatile signatures allow us to sign with keys already in use for another purpose, without changing the keys and without impacting the security of the original purpose. ... Here N is an RSA modulus and e ∈ Z * ϕ(N ) is an encryption exponent. ...

doi:10.1007/978-3-642-55220-5_28 fatcat:4zblgonrmjcdjk74ywsnnfwg2i

During the Audit phase, clients can verify the integrity of results using NIZK with the IO technique. The results for reduced verification time in auction system have been presented. ... During the auction phase, multiple clients share their encrypted bid value to the worker. The worker generates auction result and proof using Pedersen Commitment Scheme. ... Amit and Brent [21] has given different cryptographic building blocks such as public-key encryption, short signature, NIZK etc. using IO and one-way function. ...

doi:10.22266/ijies2020.1031.25 fatcat:fgh2tjr5x5c3pg2mrnajs2pqg4

To verify a signature σ on message m one computes Verify(vk, m, σ). ... As far as we know, the existence of one-way functions and NIZK arguments does not entail the existence of public key encryption. ... elements from [0, q − 1] The Camenisch-Lysyanskaya Signature Scheme. ...

doi:10.1007/978-3-540-30598-9_9 fatcat:cbf6pa7gwzfthgcm5yfa325iwa

A recipient of the signature is convinced that a signer with a set of attributes satisfying the signing policy has indeed produced the signature without learning the identity of the signer or which set ... Finally, we provide some instantiations of the primitive whose security reduces to falsifiable intractability assumptions and without relying on idealized assumptions. ... We also thank anonymous CT-RSA reviewers for valuable comments. ...

doi:10.1007/978-3-319-04852-9_17 fatcat:scop72exdvb3lijobfveebg7me

In other words, our schemes can be viewed as anonymous signature schemes as well as convertible undeniable signature schemes. ... They further satisfy unambiguity, which is traditionally required for anonymous signatures. ... The above sign-then-encrypt paradigm has also been successfully re-used in [33] in the RSA-based setting, creating RSA-based US schemes supporting (selective and all) conversions, with signatures of ...

doi:10.1007/978-3-642-15317-4_19 fatcat:hqxnu3rhvrhm7kgotke2sob3hu

Verifiably Encrypted Signatures from RSA without NIZKs [chapter]

Preserved Fulltext

Confidence Analysis of a Solo Sign-On Device for Distributed Computer Networks

Preserved Fulltext

A Rivest Shamir Adleman Approach to Attribute Based Security System

Preserved Fulltext

Securely combining public-key cryptosystems

Preserved Fulltext

Single Sign on Mechanism Using Attribute Based Encryption in Distributed Computer Networks

Preserved Fulltext

zkay v0.2: Practical Data Privacy for Smart Contracts [article]

Preserved Fulltext

Other Versions

A Simpler Construction of CCA2-Secure Public-Key Encryption under General Assumptions

Preserved Fulltext

A Simpler Construction of CCA2-Secure Public-Key Encryption under General Assumptions [chapter]

Preserved Fulltext

Security Analysis of a Single Sign-On Mechanism for Distributed Computer Networks

Preserved Fulltext

Short Accountable Ring Signatures Based on DDH [chapter]

Preserved Fulltext

Key-Versatile Signatures and Applications: RKA, KDM and Joint Enc/Sig [chapter]

Preserved Fulltext

Secure and Verifiable Multi-Party Computation Using Indistinguishability Obfuscation

Preserved Fulltext

Group Signatures: Better Efficiency and New Theoretical Aspects [chapter]

Preserved Fulltext

Decentralized Traceable Attribute-Based Signatures [chapter]

Preserved Fulltext

Provably Secure Convertible Undeniable Signatures with Unambiguity [chapter]

Preserved Fulltext