Commuting Signatures and Verifiable Encryption