Advertisement

On Pairing-Based Cryptosystems

  • Tatsuaki Okamoto
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4341)

Abstract

The pairing technique that uses the (Weil and Tate) pairings over elliptic (or hyperelliptic) curves represents a great breakthrough in cryptography. This paper surveys this new trend in cryptography, and emphasizes the design of efficient cryptographic primitives that are provably secure in the standard model (i.e., without the random oracle model).

Keywords

Elliptic Curve Signature Scheme Random Oracle Blind Signature Random Oracle Model 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ateniese, G., Camenisch, J., de Medeiros, B., Hohenberger, S.: Practical Group Signatures without Random Oracles, IACR ePrint Archive, 2005/385 (2005), http://eprint.iacr.org/2005/385
  2. 2.
    Balasubramanian, R., Koblitz, N.: The Improbability that an Elliptic Curve Has Subexponential Discrete Log Problem under the Menezes-Okamoto-Vanstone Algorithm. J. Cryptology 11, 141–145 (1998)MATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Barreto, P.: The Pairing-Based Crypto Lounge, http://paginas.terra.com.br/informatica/paulobarreto/pblounge.html
  4. 4.
    Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations Among Notions of Security for Public-Key Encryption Schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998)Google Scholar
  5. 5.
    Bellare, M., Rogaway, P.: Random Oracles are Practical: a Paradigm for Designing Efficient Protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, CCS 1993, pp. 62–73. ACM, New York (1993)CrossRefGoogle Scholar
  6. 6.
    Bellare, M., Rogaway, P.: The Exact Security of Digital Signatures: How to Sign with RSA and Rabin. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 399–416. Springer, Heidelberg (1996)Google Scholar
  7. 7.
    Boldyreva, A.: Threshold Signature, Multisignature and Blind Signature Schemes Based on the Gap-Diffie-Hellman-Group Signature Scheme. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 31–46. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  8. 8.
    Boneh, D., Boyen, X.: Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Boneh, D., Boyen, X.: Short Signatures Without Random Oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Boneh, D., Boyen, X.: Secure Identity Based Encryption Without Random Oracles. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 443–459. Springer, Heidelberg (2004)Google Scholar
  11. 11.
    Boneh, D., Boyen, X., Halevi, S.: Chosen Ciphertext Secure Public Key Threshold Encryption Without Random Oracles. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 226–243. Springer, Heidelberg (2006), http://crypto.stanford.edu/~dabo/abstracts/threshold.html CrossRefGoogle Scholar
  12. 12.
    Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001); Journal version in SIAM Journal of Computing, 32(3), pp. 586–615 (2003)CrossRefGoogle Scholar
  13. 13.
    Boneh, D., Katz, J.: Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 87–103. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  14. 14.
    Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  15. 15.
    Boyen, X., Mei, Q., Waters, B.: Direct Chosen Ciphertext Security from Identity-Based Techniques. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, CCS 2005, ACM, New York (2005), Full version available at: http://www.cs.stanford.edu/~xb/ccs05/ Google Scholar
  16. 16.
    Boyen, X., Waters, B.: Compact Group Signatures Without Random Oracles, IACR ePrint Archive, 2005/381 (2005), http://eprint.iacr.org/2005/381
  17. 17.
    Chen, L., Cheng, Z.: Security Proof of Sakai-Kasahara’s Identity-Based Encryption Scheme. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 442–459. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  18. 18.
    Cheon, J.H.: Security Analysis of the Strong Diffie-Hellman Problem. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 1–11. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  19. 19.
    Camenisch, J., Lysyanskaya, A.: A Signature Scheme with Efficient Protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  20. 20.
    Camenisch, J., Lysyanskaya, A.: Signature Schemes and Anonymous Credentials from Bilinear Maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)Google Scholar
  21. 21.
    Canetti, R., Halevi, S., Katz, J.: A Forward-Secure Public-Key Encryption Scheme. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 255–271. Springer, Heidelberg (2003), Full version available at: http://eprint.iacr.org/2003/083 CrossRefGoogle Scholar
  22. 22.
    Canetti, R., Halevi, S., Katz, J.: Chosen-Ciphertext Security from Identity-Based Encryption. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 207–222. Springer, Heidelberg (2004), Full version available at: http://eprint.iacr.org/2003/182 CrossRefGoogle Scholar
  23. 23.
    Cramer, R., Shoup, V.: A Practical Public Key Cryptosystem Provably Secure against Adaptive Chosen Ciphertext Attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998)Google Scholar
  24. 24.
    Cramer, R., Shoup, V.: Signature Schemes Based on the Strong RSA Assumption. ACM TISSEC 3(3), 161–185 (2000); Extended abstract in: Proc. 6th ACM CCS (1999)CrossRefGoogle Scholar
  25. 25.
    Cramer, R., Shoup, V.: Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  26. 26.
    Dodis, Y., Yampolskiy, A.: A Verifiable Random Function with Short Proofs and Keys. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 416–431. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  27. 27.
    Fischlin, M.: The Cramer-Shoup Strong-RSASignature Scheme Revisited. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 116–129. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  28. 28.
    Gentry, C.: Practical Identity-Based Encryption Without Random Oracles. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 445–464. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  29. 29.
    Gentry, C., Silverberg, A.: Hierarchical Identity-Based Cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  30. 30.
    Goldwasser, S., Micali, S., Rivest, R.: A Digital Signature Scheme Secure against Adaptive Chosen-Message Attacks. SIAM J. Computing 17(2), 281–308 (1988)MATHCrossRefMathSciNetGoogle Scholar
  31. 31.
    Joux, A.: One Round Protocol for Tripartite Diffie-Hellman. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 385–394. Springer, Heidelberg (2000); Journal version in Journal of Cryptology, 17(4), pp. 263–276 (2004)CrossRefGoogle Scholar
  32. 32.
    Kiltz, E.: Direct Chosen-Ciphertext Secure Identity-Based Encryption in the Standard Model with Short Ciphertexts, IACR ePrint Archive, 2006/122 (2006), http://eprint.iacr.org/2006/122
  33. 33.
    Koblitz, N., Menezes, A.: Pairing-Based Cryptography at High Security Levels, IACR ePrint Archive, 2005/076 (2005), http://eprint.iacr.org/2005/076
  34. 34.
    Menezes, A., Okamoto, T., Vanstone, S.: Reducing Elliptic Curve Logarithms to Logarithms in a Finite Field. IEEE Transactions on Information Theory 39, 1639–1646 (1993)MATHCrossRefMathSciNetGoogle Scholar
  35. 35.
    Miller, V.: The Weil Pairing, and its Efficient Calculation. Journal of Cryptology 17(4) (2004)Google Scholar
  36. 36.
    Miyaji, A., Nakabayashi, M., Takano, S.: New Explicit Conditions of Elliptic Curve Traces for FR-reduction. IEICE Trans. Fundamentals, E84-A(5) (2001)Google Scholar
  37. 37.
    Okamoto, T.: Efficient Blind and Partially Blind Signatures Without Random Oracles. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 80–99. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  38. 38.
    Sakai, R., Kasahara, M.: ID Based Cryptosystems with Pairing on Elliptic Curve, IACR ePrint Archive, 2003/054 (2003), http://eprint.iacr.org/2003/054
  39. 39.
    Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems Based on Pairings. In: Symposium on Cryptography and Information Security, SCIS 2000, Japan (2000)Google Scholar
  40. 40.
    Shamir, A.: Identity-Based Cryptosystems and Signature Schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  41. 41.
    Verheul, E.: Self-Blindable Credential Certificates from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 533–551. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  42. 42.
    Waters, B.: Efficient Identity-Based Encryption Without Random Oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005), www.eprint.iacr.org/2004/180 CrossRefGoogle Scholar
  43. 43.
    Zhang, F., Chen, X., Susilo, W., Mu, Y.: A New Short Signature Scheme Without Random Oracles from Bilinear Pairings, IACR ePrint Archive, 2005/386 (2005), http://eprint.iacr.org/2005/386

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Tatsuaki Okamoto
    • 1
  1. 1.NTT Laboratories, Nippon Telegraph and Telephone CorporationYokosukaJapan

Personalised recommendations