Practical convertible authenticated encryption schemes using self-certified public keys

A convertible authenticated encryption scheme allows a designated receiver to recover and verify a message simultaneously, during which the recipient can prove the dishonesty of the sender to any third party if the sender repudiates her signature later. In this paper, after showing some weaknesses in Wu and Hsu [T. Wu, C. Hsu, Convertible authenticated encryption scheme. The Journal of Systems and Software 62 (2002) 205-209] and Huang and Chang [H. Huang, C. Chang, An efficient convertible authenticated encryption scheme and its variant, in: Proceedings of the ICICS2003-Fifth International Conference on Information and Communications Security, Springer-Verlag, LNCS 2836, 2003, p. 382] convertible authenticated encryption schemes, we propose a practical convertible authenticated encryption scheme using self-certified public keys and then extend it to one with message linkages when the signing message is large. Each scheme could provide semantic security of the message, the signer's public key can be simultaneously authenticated in checking a signature' validity and only under the cooperation of the recipient could a verifier know to whom a specific signature is sent. Finally, we give a variant that could make a verifier know to whom a signature is sent while verifying its validity.

[1]  Chin-Chen Chang,et al.  An Efficient Convertible Authenticated Encryption Scheme and Its Variant , 2003, ICICS.

[2]  Tzong-Chen Wu,et al.  Authenticated encryption scheme with (t, n) shared verification , 1998 .

[3]  Chin-Chen Chang,et al.  Autenticated Encryption Schemes with Message Linkage , 1996, Inf. Process. Lett..

[4]  Hung-Yu Chien,et al.  Authenticated encryption schemes with message linkages for message flows , 2003, Comput. Electr. Eng..

[5]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[6]  Patrick Horster,et al.  Authenticated encryption schemes with low communication costs , 1994 .

[7]  Yuliang Zheng,et al.  Signcryption and Its Applications in Efficient Public Key Solutions , 1997, ISW.

[8]  Fangguo Zhang,et al.  A Universal Forgery on Araki et al.'s Convertible Limited Verifier Signature Scheme , 2003, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[9]  Leonard M. Adleman,et al.  Open problems in number theoretic complexity, II , 1994, ANTS.

[10]  Yuliang Zheng,et al.  Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption) , 1997, CRYPTO.

[11]  Rainer A. Rueppel,et al.  Message Recovery for Signature Schemes Based on the Discrete Logarithm Problem , 1994, EUROCRYPT.

[12]  Jinn-ke Jan,et al.  An Efficient Authenticated Encryption Scheme With Message Linkages and Low Communication Costs , 2002, J. Inf. Sci. Eng..

[13]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[14]  Chin-Chen Chang,et al.  Authenticated encryption scheme without using a one way function , 1995 .

[15]  Chien-Lung Hsu,et al.  Convertible authenticated encryption scheme , 2002, J. Syst. Softw..

[16]  Marc Girault,et al.  Self-Certified Public Keys , 1991, EUROCRYPT.

[17]  Yevgeniy Dodis,et al.  Concealment and Its Applications to Authenticated Encryption , 2003, International Conference on the Theory and Application of Cryptographic Techniques.

[18]  S. Araki,et al.  The Limited Verifier Signature and Its Application , 1999 .

[19]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[20]  Chin-Chen Chang,et al.  Authenticated Encryption Schemes with Linkage Between Message Blocks , 1997, Inf. Process. Lett..

[21]  R. A. Rueppel,et al.  Message recovery for signature schemes based on the discrete logarithm problem , 1994, EUROCRYPT.

[22]  Leonard M. Adleman,et al.  Open Problems in Number Theoretic Complexity , 1987 .

[23]  Robert H. Deng,et al.  A Signcryption Scheme with Signature Directly Verifiable by Public Key , 1998, Public Key Cryptography.

[24]  Hung-Yu Chien,et al.  Digital signature with message recovery using self-certified public keys and its variants , 2003, Appl. Math. Comput..

[25]  H. Petersen,et al.  Cryptanalysis and improvement of signcryption schemes , 1998 .