EPOC-2 is a public-key cryptosystem that can be proved IND-CCA2 under the factoring assumption in the random oracle model. It was written into a standard specification P1363 of IEEE, and it has been a candidate of the public-key cryptosystem in several international standards (or portfolio) on cryptography, e.g. NESSIE, CRYPTREC, ISO, etc. In this paper we propose a chosen ciphertext attack aga...

Understanding what construction strategy has a chance to be a good hash function is extremely important nowadays. In TCC’04, Maurer et al. [13] introduced the notion of indifferentiability as a generalization of the concept of the indistinguishability of two systems. In Crypto’2005, Coron et al. [5] suggested to employ indifferentiability in generic analysis of hash functions and started by sug...

In this paper, we propose a set of ring signature (RS) schemes and identity-based ring signature (IBRS) schemes using the lattice basis delegation technique due to [10,22]. The schemes are unforgeable and hold anonymity in the random oracle model. Using the method in [28,29], we also extend our constructions to obtain RS and IBRS schemes in the standard model. Our proposed ring signature scheme...

In this article, we discuss the security of double-blocklength (DBL) hash functions against the free-start collision attack. We focus on the DBL hash functions composed of compression functions of the form F(x) = ( f (x), f (p(x))), where f is a smaller compression function and p is a permutation. We first show, in the random oracle model, that a significantly good upper bound can be obtained o...

We consider a generalization of the standard oracle model in which the oracle acts on the target with a permutation selected according to internal random coins. We describe several problems that are impossible to solve classically but can be solved by a quantum algorithm using a single query; we show that such infinity-vs-one separations between classical and quantum query complexities can be c...

Certificateless cryptography (CL-PKC) is a concept that aims at enjoying the advantages of identity based cryptography without suffering from its inherent key escrow. Several methods were recently suggested to generically construct a certificateless encryption (CLE) scheme by combining identity based schemes with ordinary public key cryptosystems. Whilst the security of one of these generic com...

A proxy signature scheme allows one user to delegate his/her signing authority to another user called a proxy signer in such a way that the latter can sign messages on behalf of the former. Moreover, after verification, the verifier is convinced of the original signer’s agreement on the signed message. There exist several certificateless proxy signature schemes in the literature, but all of the...

Most approaches to the formal analyses of cryptographic protocols make the perfect cryptography assumption, i.e. the hypothese that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. Ideally, one would prefer to rely on a weaker hypothesis on the computational cost of gaining information about the plaintext pertaining to a ciphertext with...

The Fiat-Shamir paradigm was proposed as a way to remove interaction from 3-round proof of knowledge protocols and derive secure signature schemes. This generic transformation leads to very efficient schemes and has thus grown quite popular. However, this transformation is proven secure only in the random oracle model. In FOCS 2003, Goldwasser and Kalai showed that this transformation is provab...

Current proxy signature schemes are mostly identity-based signatures that distinguish users by identity. This method faces some problems, such as identity information leakage and single access control. Attribute-based (ABPS) divides the signer’s into a collection of attributes; thus, users’ can be protected control become fine-grained. With development quantum computers, security based on tradi...