Combined (identity-based) public key schemes
نویسندگان
چکیده
Consider a scenario in which parties use a public key encryption scheme and a signature scheme with a single public key/private key pair—so the private key sk is used for both signing and decrypting. Such a simultaneous use of a key is in general considered poor cryptographic practice, but from an efficiency point of view looks attractive. We offer security notions to analyze such violations of key separation. For both the identityand the non-identity-based setting, we show that— although being insecure in general—for schemes of interest the resulting combined (identity-based) public key scheme can offer strong security guarantees.
منابع مشابه
Combined schemes for signature and encryption: The public-key and the identity-based setting
Article history: Received 3 November 2008 Received in revised form 15 August 2013 Available online xxxx
متن کاملA Survey on Certificateless Encryption Techniques
Certificateless public key encryption is an advanced version of identity-based and public key encryption techniques. It eliminates the inherent key escrow and other key management issues in both techniques, e.g., it does not need any public key infrastructure or digital certificates. This paper presents a survey of the certificateless public key encryption schemes that have been proposed to imp...
متن کاملTime-Specific Encryption and Its Applications
This paper introduces and explores the new concept of Time-Specific Encryption (TSE). In (Plain) TSE, a Time Server broadcasts a key at the beginning of each time unit, a Time Instant Key (TIK). The sender of a message can specify any time interval during the encryption process; the receiver can decrypt to recover the message only if it has a TIK that corresponds to a time in that interval. We ...
متن کاملIdentity Based Public Verifiable Signcryption Scheme
Signcryption as a single cryptographic primitive offers both confidentiality and authentication simultaneously. Generally in signcryption schemes, the message is hidden and thus the validity of the ciphertext can be verified only after unsigncrypting the ciphertext. Thus, a third party will not be able to verify whether the ciphertext is valid or not. Signcryption schemes that allow any user to...
متن کاملAnonymous and Adaptively Secure Revocable IBE with Constant Size Public Parameters
In Identity-Based Encryption (IBE) systems, key revocation is non-trivial. This is because a user’s identity is itself a public key. Moreover, the private key corresponding to the identity needs to be obtained from a trusted key authority through an authenticated and secrecy protected channel. So far, there exist only a very small number of revocable IBE (RIBE) schemes that support non-interact...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2008 شماره
صفحات -
تاریخ انتشار 2008