On the Security of Joint Signature and Encryption View Full Text


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2002-04-29

AUTHORS

Jee Hea An , Yevgeniy Dodis , Tal Rabin

ABSTRACT

We formally study the notion of a joint signature and encryption in the public-key setting. We refer to this primitive as signcryption, adapting the terminology of [35]. We present two definitions for the security of signcryption depending on whether the adversary is an outsider or a legal user of the system. We then examine generic sequential composition methods of building signcryption from a signature and encryption scheme. Contrary to what recent results in the symmetric setting [5, 22] might lead one to expect, we show that classical “encryptthen-sign” (EtS) and “sign-then-encrypt” (StE) methods are both secure composition methods in the public-key setting.We also present a new composition method which we call “commit-then-encrypt-and-sign” (CtE&S). Unlike the generic sequential composition methods, CtE&S applies the expensive signature and encryption operations in parallel, which could imply a gain in efficiency over the StE and EtS schemes. We also show that the new (CtE&S) method elegantly combines with the recent “hash-sign-switch” technique of [30], leading to efficient on-line /off-line signcryption.Finally and of independent interest, we discuss the definitional inadequacy of the standard notion of chosen ciphertext (CCA2) security. We suggest a natural and very slight relaxation of CCA2-security, which we call generalized CCA2-security (gCCA2). We show that gCCA2-security suffices for all known uses of CCA2-secure encryption, while no longer suffering from the definitional shortcomings of the latter. More... »

PAGES

83-107

Book

TITLE

Advances in Cryptology — EUROCRYPT 2002

ISBN

978-3-540-43553-2
978-3-540-46035-0

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/3-540-46035-7_6

DOI

http://dx.doi.org/10.1007/3-540-46035-7_6

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1024386190


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "SoftMax Inc., San Diego, USA", 
          "id": "http://www.grid.ac/institutes/grid.430388.4", 
          "name": [
            "SoftMax Inc., San Diego, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "An", 
        "givenName": "Jee Hea", 
        "id": "sg:person.011346660461.51", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011346660461.51"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, New York University, USA", 
          "id": "http://www.grid.ac/institutes/grid.137628.9", 
          "name": [
            "Department of Computer Science, New York University, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Dodis", 
        "givenName": "Yevgeniy", 
        "id": "sg:person.015074130645.34", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015074130645.34"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "IBM T.J. Watson Research Center, USA", 
          "id": "http://www.grid.ac/institutes/grid.481554.9", 
          "name": [
            "IBM T.J. Watson Research Center, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Rabin", 
        "givenName": "Tal", 
        "id": "sg:person.015473523512.58", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015473523512.58"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2002-04-29", 
    "datePublishedReg": "2002-04-29", 
    "description": "We formally study the notion of a joint signature and encryption in the public-key setting. We refer to this primitive as signcryption, adapting the terminology of [35]. We present two definitions for the security of signcryption depending on whether the adversary is an outsider or a legal user of the system. We then examine generic sequential composition methods of building signcryption from a signature and encryption scheme. Contrary to what recent results in the symmetric setting [5, 22] might lead one to expect, we show that classical \u201cencryptthen-sign\u201d (EtS) and \u201csign-then-encrypt\u201d (StE) methods are both secure composition methods in the public-key setting.We also present a new composition method which we call \u201ccommit-then-encrypt-and-sign\u201d (CtE&S). Unlike the generic sequential composition methods, CtE&S applies the expensive signature and encryption operations in parallel, which could imply a gain in efficiency over the StE and EtS schemes. We also show that the new (CtE&S) method elegantly combines with the recent \u201chash-sign-switch\u201d technique of [30], leading to efficient on-line /off-line signcryption.Finally and of independent interest, we discuss the definitional inadequacy of the standard notion of chosen ciphertext (CCA2) security. We suggest a natural and very slight relaxation of CCA2-security, which we call generalized CCA2-security (gCCA2). We show that gCCA2-security suffices for all known uses of CCA2-secure encryption, while no longer suffering from the definitional shortcomings of the latter.", 
    "editor": [
      {
        "familyName": "Knudsen", 
        "givenName": "Lars R.", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/3-540-46035-7_6", 
    "inLanguage": "en", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-540-43553-2", 
        "978-3-540-46035-0"
      ], 
      "name": "Advances in Cryptology \u2014 EUROCRYPT 2002", 
      "type": "Book"
    }, 
    "keywords": [
      "public key setting", 
      "composition method", 
      "CCA2-secure encryption", 
      "new composition method", 
      "expensive signature", 
      "joint signature", 
      "legal users", 
      "encryption operations", 
      "encryption scheme", 
      "CCA2 security", 
      "ciphertext security", 
      "signcryption", 
      "encryption", 
      "encrypt", 
      "security", 
      "ET scheme", 
      "standard notion", 
      "independent interest", 
      "scheme", 
      "symmetric setting", 
      "adversary", 
      "primitives", 
      "users", 
      "commits", 
      "new method", 
      "method", 
      "signatures", 
      "shortcomings", 
      "notion", 
      "operation", 
      "system", 
      "technique", 
      "efficiency", 
      "terminology", 
      "slight relaxation", 
      "definition", 
      "parallel", 
      "setting", 
      "suffices", 
      "interest", 
      "recent results", 
      "switch", 
      "results", 
      "gain", 
      "inadequacy", 
      "outsiders", 
      "uses", 
      "lines", 
      "STE", 
      "relaxation", 
      "signs"
    ], 
    "name": "On the Security of Joint Signature and Encryption", 
    "pagination": "83-107", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1024386190"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/3-540-46035-7_6"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/3-540-46035-7_6", 
      "https://app.dimensions.ai/details/publication/pub.1024386190"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:46", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_344.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/3-540-46035-7_6"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/3-540-46035-7_6'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/3-540-46035-7_6'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/3-540-46035-7_6'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/3-540-46035-7_6'


 

This table displays all metadata directly associated to this object as RDF triples.

131 TRIPLES      23 PREDICATES      76 URIs      69 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/3-540-46035-7_6 schema:about anzsrc-for:08
2 anzsrc-for:0804
3 schema:author Nc135ebe72dc44efdb2d892c79df787fe
4 schema:datePublished 2002-04-29
5 schema:datePublishedReg 2002-04-29
6 schema:description We formally study the notion of a joint signature and encryption in the public-key setting. We refer to this primitive as signcryption, adapting the terminology of [35]. We present two definitions for the security of signcryption depending on whether the adversary is an outsider or a legal user of the system. We then examine generic sequential composition methods of building signcryption from a signature and encryption scheme. Contrary to what recent results in the symmetric setting [5, 22] might lead one to expect, we show that classical “encryptthen-sign” (EtS) and “sign-then-encrypt” (StE) methods are both secure composition methods in the public-key setting.We also present a new composition method which we call “commit-then-encrypt-and-sign” (CtE&S). Unlike the generic sequential composition methods, CtE&S applies the expensive signature and encryption operations in parallel, which could imply a gain in efficiency over the StE and EtS schemes. We also show that the new (CtE&S) method elegantly combines with the recent “hash-sign-switch” technique of [30], leading to efficient on-line /off-line signcryption.Finally and of independent interest, we discuss the definitional inadequacy of the standard notion of chosen ciphertext (CCA2) security. We suggest a natural and very slight relaxation of CCA2-security, which we call generalized CCA2-security (gCCA2). We show that gCCA2-security suffices for all known uses of CCA2-secure encryption, while no longer suffering from the definitional shortcomings of the latter.
7 schema:editor Nabea214f329e451cb5ad82b4219760ba
8 schema:genre chapter
9 schema:inLanguage en
10 schema:isAccessibleForFree true
11 schema:isPartOf N73688238b6344f109db2c4ca7292ffb7
12 schema:keywords CCA2 security
13 CCA2-secure encryption
14 ET scheme
15 STE
16 adversary
17 ciphertext security
18 commits
19 composition method
20 definition
21 efficiency
22 encrypt
23 encryption
24 encryption operations
25 encryption scheme
26 expensive signature
27 gain
28 inadequacy
29 independent interest
30 interest
31 joint signature
32 legal users
33 lines
34 method
35 new composition method
36 new method
37 notion
38 operation
39 outsiders
40 parallel
41 primitives
42 public key setting
43 recent results
44 relaxation
45 results
46 scheme
47 security
48 setting
49 shortcomings
50 signatures
51 signcryption
52 signs
53 slight relaxation
54 standard notion
55 suffices
56 switch
57 symmetric setting
58 system
59 technique
60 terminology
61 users
62 uses
63 schema:name On the Security of Joint Signature and Encryption
64 schema:pagination 83-107
65 schema:productId N403e18b14bf5453a80a2a97374f8185a
66 N821b2435eeb94cf5b68f3159f2e25692
67 schema:publisher N1e8716fd67d54250ab61e38b4f44b332
68 schema:sameAs https://app.dimensions.ai/details/publication/pub.1024386190
69 https://doi.org/10.1007/3-540-46035-7_6
70 schema:sdDatePublished 2022-05-20T07:46
71 schema:sdLicense https://scigraph.springernature.com/explorer/license/
72 schema:sdPublisher N622456ca8cfc4e7ba88a895997c8ca40
73 schema:url https://doi.org/10.1007/3-540-46035-7_6
74 sgo:license sg:explorer/license/
75 sgo:sdDataset chapters
76 rdf:type schema:Chapter
77 N1e8716fd67d54250ab61e38b4f44b332 schema:name Springer Nature
78 rdf:type schema:Organisation
79 N403e18b14bf5453a80a2a97374f8185a schema:name doi
80 schema:value 10.1007/3-540-46035-7_6
81 rdf:type schema:PropertyValue
82 N4605397033cb45469883a4ec2b89286e rdf:first sg:person.015473523512.58
83 rdf:rest rdf:nil
84 N622456ca8cfc4e7ba88a895997c8ca40 schema:name Springer Nature - SN SciGraph project
85 rdf:type schema:Organization
86 N73688238b6344f109db2c4ca7292ffb7 schema:isbn 978-3-540-43553-2
87 978-3-540-46035-0
88 schema:name Advances in Cryptology — EUROCRYPT 2002
89 rdf:type schema:Book
90 N821b2435eeb94cf5b68f3159f2e25692 schema:name dimensions_id
91 schema:value pub.1024386190
92 rdf:type schema:PropertyValue
93 Na65854ced9844f3aa6c24bcebc404cb6 schema:familyName Knudsen
94 schema:givenName Lars R.
95 rdf:type schema:Person
96 Nabea214f329e451cb5ad82b4219760ba rdf:first Na65854ced9844f3aa6c24bcebc404cb6
97 rdf:rest rdf:nil
98 Nc135ebe72dc44efdb2d892c79df787fe rdf:first sg:person.011346660461.51
99 rdf:rest Nfc9ce820e667460785b3b6fa858b110c
100 Nfc9ce820e667460785b3b6fa858b110c rdf:first sg:person.015074130645.34
101 rdf:rest N4605397033cb45469883a4ec2b89286e
102 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
103 schema:name Information and Computing Sciences
104 rdf:type schema:DefinedTerm
105 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
106 schema:name Data Format
107 rdf:type schema:DefinedTerm
108 sg:person.011346660461.51 schema:affiliation grid-institutes:grid.430388.4
109 schema:familyName An
110 schema:givenName Jee Hea
111 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011346660461.51
112 rdf:type schema:Person
113 sg:person.015074130645.34 schema:affiliation grid-institutes:grid.137628.9
114 schema:familyName Dodis
115 schema:givenName Yevgeniy
116 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015074130645.34
117 rdf:type schema:Person
118 sg:person.015473523512.58 schema:affiliation grid-institutes:grid.481554.9
119 schema:familyName Rabin
120 schema:givenName Tal
121 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015473523512.58
122 rdf:type schema:Person
123 grid-institutes:grid.137628.9 schema:alternateName Department of Computer Science, New York University, USA
124 schema:name Department of Computer Science, New York University, USA
125 rdf:type schema:Organization
126 grid-institutes:grid.430388.4 schema:alternateName SoftMax Inc., San Diego, USA
127 schema:name SoftMax Inc., San Diego, USA
128 rdf:type schema:Organization
129 grid-institutes:grid.481554.9 schema:alternateName IBM T.J. Watson Research Center, USA
130 schema:name IBM T.J. Watson Research Center, USA
131 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...