Giving an Adversary Guarantees (Or: How to Model Designated Verifier Signatures in a Composable Framework) View Full Text


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2021-12-01

AUTHORS

Ueli Maurer , Christopher Portmann , Guilherme Rito

ABSTRACT

When defining a security notion, one typically specifies what dishonest parties cannot achieve. For example, communication is confidential if a third party cannot learn anything about the messages being transmitted, and it is authentic if a third party cannot impersonate the real (honest) sender. For certain applications, however, security crucially relies on giving dishonest parties certain capabilities. As an example, in Designated Verifier Signature (DVS) schemes, one captures that only the designated verifier can be convinced of the authenticity of a message by guaranteeing that any dishonest party can forge signatures which look indistinguishable (to a third party) from original ones created by the sender.However, composable frameworks cannot typically model such guarantees as they are only designed to bound what a dishonest party can do. In this paper we show how to model such guarantees—that dishonest parties must have some capability—in the Constructive Cryptography framework (Maurer and Renner, ICS 2011). More concretely, we give the first composable security definitions for Multi-Designated Verifier Signature (MDVS) schemes—a generalization of DVS schemes.The ideal world is defined as the intersection of two worlds. The first captures authenticity in the usual way. The second provides the guarantee that a dishonest party can forge signatures. By taking the intersection we have an ideal world with the desired properties.We also compare our composable definitions to existing security notions for MDVS schemes from the literature. We find that only recently, 23 years after the introduction of MDVS schemes, sufficiently strong security notions were introduced capturing the security of MDVS schemes (Damgård et al., TCC 2020). As we prove, however, these notions are still strictly stronger than necessary. More... »

PAGES

189-219

Book

TITLE

Advances in Cryptology – ASIACRYPT 2021

ISBN

978-3-030-92077-7
978-3-030-92078-4

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-030-92078-4_7

DOI

http://dx.doi.org/10.1007/978-3-030-92078-4_7

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1143487725


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5801.c", 
          "name": [
            "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Maurer", 
        "givenName": "Ueli", 
        "id": "sg:person.01316567627.91", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Concordium, Z\u00fcrich, Switzerland", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "Concordium, Z\u00fcrich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Portmann", 
        "givenName": "Christopher", 
        "id": "sg:person.012175151063.55", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012175151063.55"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5801.c", 
          "name": [
            "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Rito", 
        "givenName": "Guilherme", 
        "id": "sg:person.013404447221.98", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013404447221.98"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2021-12-01", 
    "datePublishedReg": "2021-12-01", 
    "description": "When defining a security notion, one typically specifies what dishonest parties cannot achieve. For example, communication is confidential if a third party cannot learn anything about the messages being transmitted, and it is authentic if a third party cannot impersonate the real (honest) sender. For certain applications, however, security crucially relies on giving dishonest parties certain capabilities. As an example, in Designated Verifier Signature (DVS) schemes, one captures that only the designated verifier can be convinced of the authenticity of a message by guaranteeing that any dishonest party can forge signatures which look indistinguishable (to a third party) from original ones created by the sender.However, composable frameworks cannot typically model such guarantees as they are only designed to bound what a dishonest party can do. In this paper we show how to model such guarantees\u2014that dishonest parties must have some capability\u2014in the Constructive Cryptography framework (Maurer and Renner, ICS 2011). More concretely, we give the first composable security definitions for Multi-Designated Verifier Signature (MDVS) schemes\u2014a generalization of DVS schemes.The ideal world is defined as the intersection of two worlds. The first captures authenticity in the usual way. The second provides the guarantee that a dishonest party can forge signatures. By taking the intersection we have an ideal world with the desired properties.We also compare our composable definitions to existing security notions for MDVS schemes from the literature. We find that only recently, 23 years after the introduction of MDVS schemes, sufficiently strong security notions were introduced capturing the security of MDVS schemes\u00a0(Damg\u00e5rd et al., TCC 2020). As we prove, however, these notions are still strictly stronger than necessary.", 
    "editor": [
      {
        "familyName": "Tibouchi", 
        "givenName": "Mehdi", 
        "type": "Person"
      }, 
      {
        "familyName": "Wang", 
        "givenName": "Huaxiong", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-030-92078-4_7", 
    "inLanguage": "en", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-030-92077-7", 
        "978-3-030-92078-4"
      ], 
      "name": "Advances in Cryptology \u2013 ASIACRYPT 2021", 
      "type": "Book"
    }, 
    "keywords": [
      "security notions", 
      "dishonest party", 
      "verifier signature scheme", 
      "signature scheme", 
      "such guarantees", 
      "constructive cryptography framework", 
      "strong security notion", 
      "third party", 
      "composable security definition", 
      "Designated Verifier Signature Scheme", 
      "composable framework", 
      "real sender", 
      "security definitions", 
      "composable definitions", 
      "DVS scheme", 
      "guarantees", 
      "certain capabilities", 
      "security", 
      "sender", 
      "certain applications", 
      "scheme", 
      "original one", 
      "messages", 
      "ideal world", 
      "framework", 
      "capability", 
      "verifier", 
      "authenticity", 
      "parties", 
      "Multi", 
      "communication", 
      "notion", 
      "example", 
      "world", 
      "usual way", 
      "intersection", 
      "definition", 
      "applications", 
      "signatures", 
      "way", 
      "generalization", 
      "capture", 
      "one", 
      "introduction", 
      "literature", 
      "properties", 
      "years", 
      "paper"
    ], 
    "name": "Giving an Adversary Guarantees (Or: How to Model Designated Verifier Signatures in a Composable Framework)", 
    "pagination": "189-219", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1143487725"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-030-92078-4_7"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-030-92078-4_7", 
      "https://app.dimensions.ai/details/publication/pub.1143487725"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:46", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_368.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-030-92078-4_7"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-92078-4_7'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-92078-4_7'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-92078-4_7'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-92078-4_7'


 

This table displays all metadata directly associated to this object as RDF triples.

130 TRIPLES      23 PREDICATES      73 URIs      66 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-030-92078-4_7 schema:about anzsrc-for:08
2 anzsrc-for:0804
3 schema:author Ne10d32b79362465b81b61510a1077a87
4 schema:datePublished 2021-12-01
5 schema:datePublishedReg 2021-12-01
6 schema:description When defining a security notion, one typically specifies what dishonest parties cannot achieve. For example, communication is confidential if a third party cannot learn anything about the messages being transmitted, and it is authentic if a third party cannot impersonate the real (honest) sender. For certain applications, however, security crucially relies on giving dishonest parties certain capabilities. As an example, in Designated Verifier Signature (DVS) schemes, one captures that only the designated verifier can be convinced of the authenticity of a message by guaranteeing that any dishonest party can forge signatures which look indistinguishable (to a third party) from original ones created by the sender.However, composable frameworks cannot typically model such guarantees as they are only designed to bound what a dishonest party can do. In this paper we show how to model such guarantees—that dishonest parties must have some capability—in the Constructive Cryptography framework (Maurer and Renner, ICS 2011). More concretely, we give the first composable security definitions for Multi-Designated Verifier Signature (MDVS) schemes—a generalization of DVS schemes.The ideal world is defined as the intersection of two worlds. The first captures authenticity in the usual way. The second provides the guarantee that a dishonest party can forge signatures. By taking the intersection we have an ideal world with the desired properties.We also compare our composable definitions to existing security notions for MDVS schemes from the literature. We find that only recently, 23 years after the introduction of MDVS schemes, sufficiently strong security notions were introduced capturing the security of MDVS schemes (Damgård et al., TCC 2020). As we prove, however, these notions are still strictly stronger than necessary.
7 schema:editor Nab568a2dcd3f47c99cdf10ca6e2cb1d5
8 schema:genre chapter
9 schema:inLanguage en
10 schema:isAccessibleForFree true
11 schema:isPartOf N3525e3f5299c4627a08e18d78f009b44
12 schema:keywords DVS scheme
13 Designated Verifier Signature Scheme
14 Multi
15 applications
16 authenticity
17 capability
18 capture
19 certain applications
20 certain capabilities
21 communication
22 composable definitions
23 composable framework
24 composable security definition
25 constructive cryptography framework
26 definition
27 dishonest party
28 example
29 framework
30 generalization
31 guarantees
32 ideal world
33 intersection
34 introduction
35 literature
36 messages
37 notion
38 one
39 original one
40 paper
41 parties
42 properties
43 real sender
44 scheme
45 security
46 security definitions
47 security notions
48 sender
49 signature scheme
50 signatures
51 strong security notion
52 such guarantees
53 third party
54 usual way
55 verifier
56 verifier signature scheme
57 way
58 world
59 years
60 schema:name Giving an Adversary Guarantees (Or: How to Model Designated Verifier Signatures in a Composable Framework)
61 schema:pagination 189-219
62 schema:productId N04dbdf4abe53440096d21ebbd5c809ed
63 N8fef36a1625a45c5a3e348d204895e38
64 schema:publisher Nda8c46301cf74e26b086010e9df01ef4
65 schema:sameAs https://app.dimensions.ai/details/publication/pub.1143487725
66 https://doi.org/10.1007/978-3-030-92078-4_7
67 schema:sdDatePublished 2022-05-20T07:46
68 schema:sdLicense https://scigraph.springernature.com/explorer/license/
69 schema:sdPublisher Ne05a47d2f35a44d58491e92e04265239
70 schema:url https://doi.org/10.1007/978-3-030-92078-4_7
71 sgo:license sg:explorer/license/
72 sgo:sdDataset chapters
73 rdf:type schema:Chapter
74 N04dbdf4abe53440096d21ebbd5c809ed schema:name dimensions_id
75 schema:value pub.1143487725
76 rdf:type schema:PropertyValue
77 N3525e3f5299c4627a08e18d78f009b44 schema:isbn 978-3-030-92077-7
78 978-3-030-92078-4
79 schema:name Advances in Cryptology – ASIACRYPT 2021
80 rdf:type schema:Book
81 N8528d34ef3594966922c9f33776e9f34 schema:familyName Wang
82 schema:givenName Huaxiong
83 rdf:type schema:Person
84 N8fef36a1625a45c5a3e348d204895e38 schema:name doi
85 schema:value 10.1007/978-3-030-92078-4_7
86 rdf:type schema:PropertyValue
87 N9ed738eb0b294a5abe1300c47d624cf7 rdf:first sg:person.013404447221.98
88 rdf:rest rdf:nil
89 Nab568a2dcd3f47c99cdf10ca6e2cb1d5 rdf:first Ndbb77554d2464bba9f8a8a15e0f4f338
90 rdf:rest Nc0a10d0768dc4937a032838723777989
91 Naf4dae7654ed4e728cb85f34cf28d90a rdf:first sg:person.012175151063.55
92 rdf:rest N9ed738eb0b294a5abe1300c47d624cf7
93 Nc0a10d0768dc4937a032838723777989 rdf:first N8528d34ef3594966922c9f33776e9f34
94 rdf:rest rdf:nil
95 Nda8c46301cf74e26b086010e9df01ef4 schema:name Springer Nature
96 rdf:type schema:Organisation
97 Ndbb77554d2464bba9f8a8a15e0f4f338 schema:familyName Tibouchi
98 schema:givenName Mehdi
99 rdf:type schema:Person
100 Ne05a47d2f35a44d58491e92e04265239 schema:name Springer Nature - SN SciGraph project
101 rdf:type schema:Organization
102 Ne10d32b79362465b81b61510a1077a87 rdf:first sg:person.01316567627.91
103 rdf:rest Naf4dae7654ed4e728cb85f34cf28d90a
104 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
105 schema:name Information and Computing Sciences
106 rdf:type schema:DefinedTerm
107 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
108 schema:name Data Format
109 rdf:type schema:DefinedTerm
110 sg:person.012175151063.55 schema:affiliation grid-institutes:None
111 schema:familyName Portmann
112 schema:givenName Christopher
113 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012175151063.55
114 rdf:type schema:Person
115 sg:person.01316567627.91 schema:affiliation grid-institutes:grid.5801.c
116 schema:familyName Maurer
117 schema:givenName Ueli
118 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91
119 rdf:type schema:Person
120 sg:person.013404447221.98 schema:affiliation grid-institutes:grid.5801.c
121 schema:familyName Rito
122 schema:givenName Guilherme
123 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013404447221.98
124 rdf:type schema:Person
125 grid-institutes:None schema:alternateName Concordium, Zürich, Switzerland
126 schema:name Concordium, Zürich, Switzerland
127 rdf:type schema:Organization
128 grid-institutes:grid.5801.c schema:alternateName Department of Computer Science, ETH Zürich, Zürich, Switzerland
129 schema:name Department of Computer Science, ETH Zürich, Zürich, Switzerland
130 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...