Abstract
In 2003, Boneh et al. proposed the first efficient verifiably encrypted signature scheme (BGLS) from bilinear maps, which can be used in fair exchange protocols for short signatures. However, the scheme has two weaknesses. First, its security proof is built on a weaker security model, in which the adjudicator's key pair is chosen by the simulator rather than by the signature forger. Second, the ordinary signatures to be verifiably encrypted are deterministic, so they are vulnerable to attacks that exploit collisions in the underlying hash function. In this paper, we propose an enhanced verifiably encrypted short signature scheme. The new scheme is strongly unforgeable in the random oracle model under a stronger security model, in which two insider adversaries, a malicious adjudicator and a malicious verifier, are given more power than before. The new scheme better matches the practical circumstances of electronic commerce.
References
Goldreich O (1983) A simple protocol for signing contracts. In: Proceedings of Crypto'83. Plenum Press, pp 133–136
Kremer S, Markowitch O, Zhou J (2002) An intensive survey of non-repudiation protocols. Comput Commun 25(17):1606–1621
Asokan N, Shoup V, Waidner M (1998) Optimistic fair exchange of digital signatures. In: Advances in Cryptology, Eurocrypt'98, LNCS 1403. Springer, Berlin, pp 591–606
Bao F, Deng R, Mao W (1998) Efficient and practical fair exchange protocols with off-line Carol. In: Proceedings of the IEEE Symposium on Security and Privacy. IEEE, pp 77–85
Ateniese G (1999) Efficient verifiable encryption (and fair exchange) of digital signatures. In: Proceedings of the 6th ACM Conference on Computer and Communications Security. ACM, pp 138–146
Camenisch J, Damgård IB (2000) Verifiable encryption, group encryption, and their applications to group signatures and signature sharing schemes. In: Proceedings of Asiacrypt 2000, LNCS 1976. Springer, pp 331–345
Boneh D, Gentry C, Lynn B, Shacham H (2003) Aggregate and verifiably encrypted signatures from bilinear maps. In: Proceedings of Eurocrypt 2003, LNCS 2656. Springer, pp 416–432
Zhang F, Safavi-Naini R, Susilo W (2003) Efficient verifiably encrypted signature and partially blind signature from bilinear pairings. In: Proceedings of Indocrypt 2003, LNCS 2904. Springer, pp 191–204
Wang G, Xia F, Zhao Y (2011) Designated confirmer signatures with unified verification. Cryptology ePrint Archive. http://eprint.iacr.org/2011/182
Lu S, Ostrovsky R, Sahai A, Shacham H, Waters B (2006) Sequential aggregate signatures and multisignatures without random oracles. In: Proceedings of Eurocrypt 2006, LNCS 4004. Springer, pp 465–485
Gorantla MC, Saxena A (2005) Verifiably encrypted signature scheme without random oracles. In: Proceedings of ICDCIT 2005, LNCS 3816. Springer, pp 357–363
Ming Y, Wang Y (2009) An efficient verifiably encrypted signature scheme without random oracles. Int J Netw Secur 8(2):125–130
Zhang J, Mao J (2007) A novel verifiably encrypted signature scheme without random oracle. In: Proceedings of Information Security Practice and Experience, LNCS 4464. Springer, pp 65–78
Rückert M, Schneider M, Schröder D (2010) Generic constructions for verifiably encrypted signatures without random oracles or NIZKs. In: Proceedings of ACNS 2010, LNCS 6123. Springer, pp 69–86
Waters B (2005) Efficient identity-based encryption without random oracles. In: Proceedings of Eurocrypt 2005, LNCS 3494. Springer, pp 114–127
Rückert M, Schröder D (2009) Security of verifiably encrypted signatures and a construction without random oracles. In: Proceedings of Pairing 2009, LNCS 5671. Springer, pp 17–34
Boneh D, Boyen X (2008) Short signatures without random oracles and the SDH assumption in bilinear groups. J Cryptol 21(2):149–177
Dodis Y, Reyzin L (2003) Breaking and repairing optimistic fair exchange from PODC 2003. In: Proceedings of the ACM Workshop on Digital Rights Management (DRM). ACM, pp 47–54
Shao Z (2008) Fair exchange protocol of signatures based on aggregate signatures. Comput Commun 31:1961–1969
Bellare M, Neven G (2006) Multi-signatures in the plain public-key model and a general forking lemma. In: Proceedings of ACM CCS 2006. ACM, pp 390–399
Ristenpart T, Yilek S (2007) The power of proofs-of-possession: securing multiparty signatures against rogue-key attacks. In: Proceedings of Eurocrypt 2007, LNCS 4515. Springer, pp 228–245
Huang Q, Yang G, Wong DS, Susilo W (2008) Efficient optimistic fair exchange secure in the multi-user setting and chosen-key model without random oracles. In: Proceedings of CT-RSA 2008, LNCS 4964. Springer, pp 106–120
Granboulan L (2002) Short signatures in the random oracle model. In: Proceedings of Asiacrypt 2002, LNCS 2501. Springer, pp 364–378
Canetti R, Halevi S, Katz J (2004) Chosen-ciphertext security from identity-based encryption. In: Proceedings of Eurocrypt 2004, LNCS 3027. Springer, pp 207–222
An JH, Dodis Y, Rabin T (2002) On the security of joint signature and encryption. In: Proceedings of Eurocrypt 2002, LNCS 2332. Springer, Berlin, pp 83–107
Coron J-S (2000) On the exact security of full domain hash. In: Proceedings of Crypto 2000, LNCS 1880. Springer, pp 229–235
Bellare M, Rogaway P (1996) The exact security of digital signatures: how to sign with RSA and Rabin. In: Proceedings of Eurocrypt'96, LNCS 1070. Springer, pp 399–416
Pointcheval D, Stern J (2000) Security arguments for digital signatures and blind signatures. J Cryptol 13(3):361–396
Cite this article
Shao, Z. Verifiably encrypted short signatures from bilinear maps. Ann. Telecommun. 67, 437–445 (2012). https://doi.org/10.1007/s12243-011-0276-5