On the Joint Security of Encryption and Signature, Revisited

  • Kenneth G. Paterson
  • Jacob C. N. Schuldt
  • Martijn Stam
  • Susan Thomson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7073)

Abstract

We revisit the topic of joint security for combined public key schemes, wherein a single keypair is used for both encryption and signature primitives in a secure manner. While breaking the principle of key separation, such schemes have attractive properties and are sometimes used in practice. We give a general construction for a combined public key scheme having joint security that uses IBE as a component and that works in the standard model. We provide a more efficient direct construction, also in the standard model.

References

  1. 1.
    Acar, T., Belenkiy, M., Bellare, M., Cash, D.: Cryptographic Agility and Its Relation to Circular Encryption. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 403–422. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  2. 2.
    Barreto, P.S.L.M., Naehrig, M.: Pairing-Friendly Elliptic Curves of Prime Order. In: Preneel, B., Tavares, S.E. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Boneh, D., Boyen, X.: Efficient selective identity-based encryption without random oracles. Journal of Cryptology To appear, http://www.springerlink.com/content/n6363233lk4q4h11/
  4. 4.
    Boneh, D., Boyen, X.: Short signatures without random oracles and the SDH assumption in bilinear groups. J. Cryptology 21(2), 149–177 (2008)CrossRefMATHMathSciNetGoogle Scholar
  5. 5.
    Boneh, D., Canetti, R., Halevi, S., Katz, J.: Chosen-ciphertext security from identity-based encryption. SIAM J. Comput. 36(5), 1301–1328 (2007)CrossRefMathSciNetGoogle Scholar
  6. 6.
    Boneh, D., Franklin, M.K.: Identity-based encryption from the Weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)CrossRefMATHMathSciNetGoogle Scholar
  7. 7.
    Boyen, X., Mei, Q., Waters, B.: Direct chosen ciphertext security from identity-based techniques. In: ACM Conference on Computer and Communications Security, pp. 320–329. ACM (2005)Google Scholar
  8. 8.
    Coron, J.S., Joye, M., Naccache, D., Paillier, P.: Universal Padding Schemes for RSA. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 226–241. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  9. 9.
    Dodis, Y., Freedman, M.J., Jarecki, S., Walfish, S.: Optimal signcryption from any trapdoor permutation. Cryptology ePrint Archive, Report 2004/020 (2004), http://eprint.iacr.org/
  10. 10.
    Dodis, Y., Freedman, M.J., Jarecki, S., Walfish, S.: Versatile padding schemes for joint signature and encryption. In: ACM Conference on Computer and Communications Security, pp. 344–353. ACM (2004)Google Scholar
  11. 11.
    EMV Specifications, Version 4.2, Books 1–4 (June 2008), http://www.emvco.com/
  12. 12.
    Freeman, D., Scott, M., Teske, E.: A taxonomy of pairing-friendly elliptic curves. J. Cryptology 23(2), 224–280 (2010)CrossRefMATHMathSciNetGoogle Scholar
  13. 13.
    Galbraith, S.D., Paterson, K.G., Smart, N.P.: Pairings for cryptographers. Discrete Applied Mathematics 156(16), 3113–3121 (2008)CrossRefMATHMathSciNetGoogle Scholar
  14. 14.
    Gentry, C.: Practical Identity-Based Encryption Without Random Oracles. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 445–464. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Haber, S., Pinkas, B.: Securely combining public-key cryptosystems. In: ACM Conference on Computer and Communications Security, pp. 215–224. ACM (2001)Google Scholar
  16. 16.
    Hess, F.: Efficient Identity Based Signature Schemes Based on Pairings. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 310–324. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Hofheinz, D., Kiltz, E.: Programmable Hash Functions and Their Applications. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 21–38. Springer, Heidelberg (2008)Google Scholar
  18. 18.
    Kelsey, J., Schneier, B., Wagner, D.: Protocol Interactions and the Chosen Protocol Attack. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 91–104. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  19. 19.
    Kiltz, E.: Chosen-Ciphertext Secure Key-Encapsulation Based on Gap Hashed Diffie-Hellman. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 282–297. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  20. 20.
    Klíma, V., Rosa, T.: Further Results and Considerations on Side Channel Attacks on RSA. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 244–259. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  21. 21.
    Komano, Y., Ohta, K.: Efficient Universal Padding Techniques for Multiplicative Trapdoor One-Way Permutation. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 366–382. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  22. 22.
    Kurosawa, K., Desmedt, Y.G.: A New Paradigm of Hybrid Encryption Scheme. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)Google Scholar
  23. 23.
    Matsuda, T., Matsuura, K., Schuldt, J.C.N.: Efficient Constructions of Signcryption Schemes and Signcryption Composability. In: Roy, B., Sendrier, N. (eds.) INDOCRYPT 2009. LNCS, vol. 5922, pp. 321–342. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  24. 24.
    Paterson, K.G., Schuldt, J.C., Stam, M., Thomson, S.: On the joint security of encryption and signature, revisited. Cryptology ePrint Archive, Report 2011/486 (2011)Google Scholar
  25. 25.
    Phan, D.H., Pointcheval, D.: About the Security of Ciphers (Semantic Security and Pseudo-Random Permutations). In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 182–197. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  26. 26.
    Rubin, K., Silverberg, A.: Compression in finite fields and torus-based cryptography. SIAM J. Comput. 37(5), 1401–1428 (2008)CrossRefMATHMathSciNetGoogle Scholar
  27. 27.
    Vasco, M.I.G., Hess, F., Steinwandt, R.: Combined (identity-based) public key schemes. Cryptology ePrint Archive, Report 2008/466 (2008), http://eprint.iacr.org/
  28. 28.
    Waters, B.: Efficient Identity-Based Encryption Without Random Oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Kenneth G. Paterson
    • 1
  • Jacob C. N. Schuldt
    • 2
  • Martijn Stam
    • 3
  • Susan Thomson
    • 1
  1. 1.Royal Holloway, University of LondonUK
  2. 2.Research Center for Information Security, AISTJapan
  3. 3.University of BristolUK

Personalised recommendations