Contributions to pairing-based cryptography

Pairing-based cryptography is an active research area in cryptography in the last decade. Pairings are bilinear mappings defined over cyclic groups wherein the discrete logarithm problem is hard. The bilinear property of pairings enables researchers to solve open problems like the construction of practical identity-based encryption, or short signatures without random oracles. Pairings can also be used to construct new cryptographic primitives. This thesis contributes to the pairing-based cryptography in three areas. Firstly, we show that pairings can be used to construct efficient and provably secure digital signature schemes. We give the first convertible undeniable signatures without random oracles, and the first concrete sanitisable signatures without random oracles. We also construct a new signature primitive called concinnous signatures, which is designed to facilitate fair exchange of digital signatures without any trusted third party. Secondly, we analyse the identity-based cryptosystems which extensively use pairings. We mainly focus on the key escrow problem of identity-based cryptography. We propose the notion of escrow-free identity-based signatures. Furthermore, we discuss the impossibility of ideal escrow-free identity-based encryption. After that, we investigate the best defence against the key escrow problem of identity-based encryption. We categorise the existing solutions into preventive measure and blaming mechanism. In the category of preventive measure, we propose the notion of fully anonymous identitybased encryption. In the category of blaming mechanism, we also construct a new accountable-authority identity-based encryption. Finally, we construct new cryptographic primitives and frameworks using pairings. We give new instantiations and applications of lossy trapdoor function. We give a new cryptographic primitive called two-tier trapdoor functions. From two-tier trapdoor functions, we construct a new encryption primitive called two-tier encryption. It is a generalisation of a number of encryption schemes, including identity-based encryption. We also propose a cryptographic treatment of publish/subscribe systems.

[1]  Brent Waters,et al.  Black-box accountable authority identity-based encryption , 2008, CCS.

[2]  Aggelos Kiayias,et al.  Anonymous Identification in Ad Hoc Groups , 2004, EUROCRYPT.

[3]  Moni Naor,et al.  Timed Commitments , 2000, CRYPTO.

[4]  Chanathip Namprempre,et al.  The One-More-RSA-Inversion Problems and the Security of Chaum's Blind Signature Scheme , 2003, Journal of Cryptology.

[5]  Florian Hess,et al.  Pairing Lattices , 2008, Pairing.

[6]  Brent Waters,et al.  Fully Collusion Resistant Traitor Tracing with Short Ciphertexts and Private Keys , 2006, EUROCRYPT.

[7]  Matthew Green,et al.  Blind Identity-Based Encryption and Simulatable Oblivious Transfer , 2007, ASIACRYPT.

[8]  Craig Gentry,et al.  Hierarchical ID-Based Cryptography , 2002, ASIACRYPT.

[9]  Markus Jakobsson,et al.  Designated Verifier Proofs and Their Applications , 1996, EUROCRYPT.

[10]  Joseph H. Silverman,et al.  The arithmetic of elliptic curves , 1986, Graduate texts in mathematics.

[11]  A. Juels,et al.  Universal Re-encryption for Mixnets , 2004, CT-RSA.

[12]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2006 .

[13]  Jan Camenisch,et al.  Compact E-Cash , 2005, EUROCRYPT.

[14]  Marc Girault,et al.  An Identity-based Identification Scheme Based on Discrete Logarithms Modulo a Composite Number , 1991, EUROCRYPT.

[15]  Yasuo Hatano,et al.  Efficient signature schemes supporting redaction, pseudonymization, and data deidentification , 2008, ASIACCS '08.

[16]  Kenneth G. Paterson,et al.  Concurrent Signatures , 2004, EUROCRYPT.

[17]  P. Stănică GOOD LOWER AND UPPER BOUNDS ON BINOMIAL COEFFICIENTS , 2001 .

[18]  Simona Orzan,et al.  Fair Exchange Is Incomparable to Consensus , 2008, ICTAC.

[19]  Yi Mu,et al.  Perfect Concurrent Signature Schemes , 2004, ICICS.

[20]  Paulo S. L. M. Barreto,et al.  Efficient pairing computation on supersingular Abelian varieties , 2007, IACR Cryptol. ePrint Arch..

[21]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[22]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[23]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[24]  Michael K. Reiter,et al.  Fair Exchange with a Semi-Trusted Third Party (extended abstract) , 1997, CCS.

[25]  Eike Kiltz,et al.  Chosen-Ciphertext Security from Tag-Based Encryption , 2006, TCC.

[26]  Javier Herranz,et al.  On the Generic Construction of Identity-Based Signatures with Additional Properties , 2006, ASIACRYPT.

[27]  Ron Steinfeld,et al.  Content Extraction Signatures , 2001, ICISC.

[28]  G. R. BLAKLEY Safeguarding cryptographic keys , 1979, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[29]  Kazuo Ohta,et al.  A Modification of the Fiat-Shamir Scheme , 1988, CRYPTO.

[30]  Oded Goldreich,et al.  Foundations of Cryptography: Basic Tools , 2000 .

[31]  Matthew Green,et al.  Universally Composable Adaptive Oblivious Transfer , 2008, IACR Cryptol. ePrint Arch..

[32]  Rosario Gennaro,et al.  Securing Threshold Cryptosystems against Chosen Ciphertext Attack , 1998, EUROCRYPT.

[33]  Aggelos Kiayias,et al.  Group Encryption , 2007, ASIACRYPT.

[34]  M. Rabin DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION , 1979 .

[35]  Haifeng Chen,et al.  Enabling Information Confidentiality in Publish/Subscribe Overlay Services , 2008, 2008 IEEE International Conference on Communications.

[36]  Michael Sipser,et al.  Introduction to the Theory of Computation , 1996, SIGA.

[37]  Craig Gentry,et al.  Certificate-Based Encryption and the Certificate Revocation Problem , 2003, EUROCRYPT.

[38]  David Pointcheval,et al.  New Anonymity Notions for Identity-Based Encryption , 2009, Formal to Practical Security.

[39]  Tsz Hon Yuen,et al.  Practical Threshold Signatures Without Random Oracles , 2007, ProvSec.

[40]  Dan Boneh,et al.  Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.

[41]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[42]  A. Lewko,et al.  Fully Secure HIBE with Short Ciphertexts , 2009 .

[43]  Brent Waters,et al.  Anonymous Hierarchical Identity-Based Encryption (Without Random Oracles) , 2006, CRYPTO.

[44]  Himanshu Khurana,et al.  Scalable security and accounting services for content-based publish/subscribe systems , 2005, SAC '05.

[45]  Jun Li,et al.  An Efficient Scheme for Preserving Confidentiality in Content-Based Publish-Subscribe Systems , 2004 .

[46]  M. Kasahara,et al.  A New Traitor Tracing , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[47]  David Chaum,et al.  Convertible Undeniable Signatures , 1990, CRYPTO.

[48]  Patrick Horster,et al.  Breaking and repairing a convertible undeniable signature scheme , 1996, CCS '96.

[49]  Andreas Enge,et al.  Building Curves with Arbitrary Small MOV Degree over Finite Prime Fields , 2004, Journal of Cryptology.

[50]  Melissa Chase,et al.  On Signatures of Knowledge , 2006, CRYPTO.

[51]  Yi Mu,et al.  A Generic Construction for Universally-Convertible Undeniable Signatures , 2007, CANS.

[52]  Steven D. Galbraith,et al.  Ordinary abelian varieties having small embedding degree , 2007, Finite Fields Their Appl..

[53]  Marek Klonowski,et al.  Extended Sanitizable Signatures , 2006, ICISC.

[54]  Hugo Krawczyk,et al.  RSA-Based Undeniable Signatures , 1997, Journal of Cryptology.

[55]  Takashi Yoshioka,et al.  PIATS: A Partially Sanitizable Signature Scheme , 2005, ICICS.

[56]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.

[57]  Thomas Shrimpton,et al.  Cryptographic Hash-Function Basics: Definitions, Implications, and Separations for Preimage Resistance, Second-Preimage Resistance, and Collision Resistance , 2004, FSE.

[58]  Yi Mu,et al.  Provably Secure Pairing-Based Convertible Undeniable Signature with Short Signature Length , 2007, Pairing.

[59]  Yevgeniy Dodis,et al.  Optimistic Fair Exchange in a Multi-user Setting , 2007, J. Univers. Comput. Sci..

[60]  Annegret Weng,et al.  Elliptic Curves Suitable for Pairing Based Cryptography , 2005, Des. Codes Cryptogr..

[61]  Abhi Shelat,et al.  Simulatable Adaptive Oblivious Transfer , 2007, EUROCRYPT.

[62]  Brent Waters,et al.  A Framework for Efficient and Composable Oblivious Transfer , 2008, CRYPTO.

[63]  Mihir Bellare,et al.  Key-Privacy in Public-Key Encryption , 2001, ASIACRYPT.

[64]  Gene Tsudik,et al.  Sanitizable Signatures , 2005, ESORICS.

[65]  Xavier Boyen,et al.  The BF Identity-Based Encryption System , 2006 .

[66]  Kenneth G. Paterson,et al.  Security and Anonymity of Identity-Based Encryption with Multiple Trusted Authorities , 2008, Pairing.

[67]  Guomin Yang,et al.  Ambiguous Optimistic Fair Exchange , 2008, ASIACRYPT.

[68]  Kaoru Kurosawa,et al.  New Approach for Selectively Convertible Undeniable Signature Schemes , 2006, ASIACRYPT.

[69]  Alexander L. Wolf,et al.  Security issues and requirements for Internet-scale publish-subscribe systems , 2002, Proceedings of the 35th Annual Hawaii International Conference on System Sciences.

[70]  Yael Tauman Kalai,et al.  On the (In)security of the Fiat-Shamir paradigm , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[71]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[72]  D. Galindo Chacon Boneh-Franklin Identity Based Encryption Revisited , 2005 .

[73]  Jean-Jacques Quisquater,et al.  A "Paradoxical" Indentity-Based Signature Scheme Resulting from Zero-Knowledge , 1988, CRYPTO.

[74]  Gerhard Frey,et al.  The Tate pairing and the discrete logarithm applied to elliptic curve cryptosystems , 1999, IEEE Trans. Inf. Theory.

[75]  Yi Mu,et al.  Towards a Cryptographic Treatment of Publish/Subscribe Systems , 2010, CANS.

[76]  Yehuda Lindell,et al.  Lower bounds for non-black-box zero knowledge , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[77]  Guomin Yang,et al.  Efficient Optimistic Fair Exchange Secure in the Multi-user Setting and Chosen-Key Model without Random Oracles , 2008, CT-RSA.

[78]  Mudhakar Srivatsa,et al.  Secure Event Dissemination in Publish-Subscribe Networks , 2007, 27th International Conference on Distributed Computing Systems (ICDCS '07).

[79]  Ueli Maurer,et al.  Non-interactive Public-Key Cryptography , 1991, EUROCRYPT.

[80]  Marc Girault,et al.  Self-Certified Public Keys , 1991, EUROCRYPT.

[81]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[82]  Kenneth G. Paterson,et al.  Pairings for Cryptographers , 2008, IACR Cryptol. ePrint Arch..

[83]  Melissa Chase,et al.  Simulatable VRFs with Applications to Multi-theorem NIZK , 2007, CRYPTO.

[84]  Joseph H. Silverman,et al.  NTRU: A Ring-Based Public Key Cryptosystem , 1998, ANTS.

[85]  A. Miyaji,et al.  New Explicit Conditions of Elliptic Curve Traces for FR-Reduction , 2001 .

[86]  Dawn Xiaodong Song,et al.  Homomorphic Signature Schemes , 2002, CT-RSA.

[87]  Xavier Boyen,et al.  A tapestry of identity-based encryption: practical frameworks compared , 2008, Int. J. Appl. Cryptogr..

[88]  Hatsukazu Tanaka A Realization Scheme for the Identity-Based Cryptosystem , 1987, CRYPTO.

[89]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[90]  Manuel Blum How to exchange (secret) keys , 1983, STOC '83.

[91]  Yi Mu,et al.  Sanitizable Signatures Revisited , 2008, CANS.

[92]  Paulo S. L. M. Barreto,et al.  Pairing-Friendly Elliptic Curves of Prime Order , 2005, Selected Areas in Cryptography.

[93]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[94]  Jan Camenisch,et al.  A Formal Treatment of Onion Routing , 2005, CRYPTO.

[95]  Tsz Hon Yuen,et al.  Ring signatures without random oracles , 2006, ASIACCS '06.

[96]  Kwangjo Kim,et al.  New ID-based group signature from pairings , 2006 .

[97]  Ueli Maurer,et al.  The Relationship Between Breaking the Diffie-Hellman Protocol and Computing Discrete Logarithms , 1999, SIAM J. Comput..

[98]  Tsz Hon Yuen,et al.  (Convertible) Undeniable Signatures Without Random Oracles , 2007, ICICS.

[99]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[100]  Ralph C. Merkle,et al.  A Digital Signature Based on a Conventional Encryption Function , 1987, CRYPTO.

[101]  Lan Nguyen,et al.  Accumulators from Bilinear Pairings and Applications , 2005, CT-RSA.

[102]  Michael Scott,et al.  Constructing Brezing-Weng Pairing-Friendly Elliptic Curves Using Elements in the Cyclotomic Field , 2008, Pairing.

[103]  Nancy A. Lynch,et al.  Impossibility of distributed consensus with one faulty process , 1985, JACM.

[104]  Benoît Libert,et al.  Towards Black-Box Accountable Authority IBE with Short Ciphertexts and Private Keys , 2008, Public Key Cryptography.

[105]  Henning Pagnia,et al.  On the Impossibility of Fair Exchange without a Trusted Third Party , 1999 .

[106]  Jung Hee Cheon,et al.  An Identity-Based Signature from Gap Diffie-Hellman Groups , 2003, Public Key Cryptography.

[107]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[108]  Mihir Bellare,et al.  GQ and Schnorr Identification Schemes: Proofs of Security against Impersonation under Active and Concurrent Attacks , 2002, CRYPTO.

[109]  Victor S. Miller,et al.  The Weil Pairing, and Its Efficient Calculation , 2004, Journal of Cryptology.

[110]  Brent Waters,et al.  Adaptive Security in Broadcast Encryption Systems (with Short Ciphertexts) , 2009, EUROCRYPT.

[111]  Michael Scott,et al.  A Taxonomy of Pairing-Friendly Elliptic Curves , 2010, Journal of Cryptology.

[112]  Yvo Desmedt,et al.  Public-Key Systems Based on the Difficulty of Tampering (Is There a Difference Between DES and RSA?) , 1986, CRYPTO.

[113]  Jia Xu,et al.  Short Redactable Signatures Using Random Trees , 2009, CT-RSA.

[114]  Hideki Imai,et al.  Digitally signed document sanitizing scheme based on bilinear maps , 2006, ASIACCS '06.

[115]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[116]  Mihir Bellare,et al.  An Uninstantiable Random-Oracle-Model Scheme for a Hybrid-Encryption Problem , 2004, EUROCRYPT.

[117]  Brent Waters,et al.  Lossy Trapdoor Functions and Their Applications , 2011, SIAM J. Comput..

[118]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[119]  Antoine Joux,et al.  A One Round Protocol for Tripartite Diffie–Hellman , 2000, Journal of Cryptology.

[120]  Jean-Jacques Quisquater,et al.  Identity Based Undeniable Signatures , 2004, CT-RSA.

[121]  David Chaum,et al.  Designated Confirmer Signatures , 1994, EUROCRYPT.

[122]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[123]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[124]  Gilles Brassard,et al.  All-or-Nothing Disclosure of Secrets , 1986, CRYPTO.

[125]  Vipul Goyal,et al.  Reducing Trust in the PKG in Identity Based Cryptosystems , 2007, CRYPTO.

[126]  Vijay Varadharajan,et al.  Fair Exchange of Digital Signatures with Offline Trusted Third Party , 2001, ICICS.

[127]  David Mandell Freeman,et al.  Converting Pairing-Based Cryptosystems from Composite-Order Groups to Prime-Order Groups , 2010, EUROCRYPT.

[128]  Fabien Laguillaumie,et al.  Time-Selective Convertible Undeniable Signatures , 2005, CT-RSA.

[129]  Kazuo Ohta,et al.  A Sanitizable Signature Scheme with Aggregation , 2007, ISPEC.

[130]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[131]  Yi Mu,et al.  How to construct identity-based signatures without the key escrow problem , 2009, International Journal of Information Security.

[132]  Dongvu Tonien,et al.  Multi-party Concurrent Signatures , 2006, ISC.

[133]  Kaoru Kurosawa,et al.  New RSA-Based (Selectively) Convertible Undeniable Signature Schemes , 2009, AFRICACRYPT.

[134]  Mototsugu Nishioka,et al.  Reconsideration on the Security of the Boneh-Franklin Identity-Based Encryption Scheme , 2005, INDOCRYPT.

[135]  Khanh Nguyen,et al.  Asymmetric Concurrent Signatures , 2005, ICICS.

[136]  Jonathan Katz,et al.  Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products , 2008, Journal of Cryptology.

[137]  Hideki Imai,et al.  Digitally Signed Document Sanitizing Scheme with Disclosure Condition Control , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[138]  Marc Fischlin,et al.  The Representation Problem Based on Factoring , 2002, CT-RSA.

[139]  Joseph K. Liu,et al.  Traceable and Retrievable Identity-Based Encryption , 2008, ACNS.

[140]  Fuchun Guo,et al.  How to Prove Security of a Signature with a Tighter Security Reduction , 2009, ProvSec.

[141]  Je Hong Park,et al.  A Certificate-Based Signature Scheme , 2004, CT-RSA.

[142]  He Dake,et al.  Accountability of Perfect Concurrent Signature , 2008, 2008 International Conference on Computer and Electrical Engineering.

[143]  Wenbo Mao,et al.  Modern Cryptography: Theory and Practice , 2003 .

[144]  Mihir Bellare,et al.  Two-Tier Signatures, Strongly Unforgeable Signatures, and Fiat-Shamir Without Random Oracles , 2007, Public Key Cryptography.

[145]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[146]  Siu-Ming Yiu,et al.  Separable and Anonymous Identity-Based Key Issuing , 2005, 11th International Conference on Parallel and Distributed Systems (ICPADS'05).

[147]  Frederik Vercauteren,et al.  The Eta Pairing Revisited , 2006, IEEE Transactions on Information Theory.

[148]  David Chaum,et al.  Undeniable Signatures , 1989, CRYPTO.

[149]  M. Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2008, Journal of Cryptology.

[150]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[151]  Cynthia Dwork,et al.  A public-key cryptosystem with worst-case/average-case equivalence , 1997, STOC '97.

[152]  Brent Waters,et al.  Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions , 2009, IACR Cryptol. ePrint Arch..

[153]  Yuanyuan Zhao,et al.  Dynamic Access Control in a Content-based Publish/Subscribe System with Delivery Guarantees , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[154]  Jianying Zhou,et al.  The Fairness of Perfect Concurrent Signatures , 2006, ICICS.

[155]  Ralph C. Merkle,et al.  One Way Hash Functions and DES , 1989, CRYPTO.

[156]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[157]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[158]  Sherman S. M. Chow Removing Escrow from Identity-Based Encryption , 2009, Public Key Cryptography.

[159]  Kyung Sup Kwak,et al.  Fair exchange signature schemes , 2008, 22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008).

[160]  Thomas Beth,et al.  Efficient Zero-Knowledge Identification Scheme for Smart Cards , 1988, EUROCRYPT.

[161]  Peter W. Shor,et al.  Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer , 1995, SIAM Rev..

[162]  Moni Naor,et al.  Immunizing Encryption Schemes from Decryption Errors , 2004, EUROCRYPT.

[163]  Tatsuaki Okamoto,et al.  Designated Confirmer Signatures and Public-Key Encryption are Equivalent , 1994, CRYPTO.

[164]  Kaoru Kurosawa,et al.  The security of the FDH variant of Chaum's undeniable signature scheme , 2005, IEEE Transactions on Information Theory.

[165]  Serge Vaudenay,et al.  Generic Homomorphic Undeniable Signatures , 2004, ASIACRYPT.

[166]  Kaoru Kurosawa,et al.  New DLOG-Based Convertible Undeniable Signature Schemes in the Standard Model , 2009 .

[167]  Jung Hee Cheon,et al.  Security Analysis of the Strong Diffie-Hellman Problem , 2006, EUROCRYPT.

[168]  Boaz Barak,et al.  How to go beyond the black-box simulation barrier , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[169]  Keisuke Tanaka,et al.  Sanitizable Signature with Secret Information , 2006 .

[170]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[171]  Jonathan Katz,et al.  A Forward-Secure Public-Key Encryption Scheme , 2003, Journal of Cryptology.

[172]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[173]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[174]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[175]  Brent Waters,et al.  Compact Group Signatures Without Random Oracles , 2006, EUROCRYPT.

[176]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[177]  Paulo S. L. M. Barreto,et al.  Constructing Elliptic Curves with Prescribed Embedding Degrees , 2002, SCN.

[178]  Lauri I. W. Pesonen,et al.  Encryption-enforced access control in dynamic multi-domain publish/subscribe networks , 2007, DEBS '07.

[179]  Brent Waters,et al.  A fully collusion resistant broadcast, trace, and revoke system , 2006, CCS '06.

[180]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[181]  Toshiya Itoh,et al.  An ID-based cryptosystem based on the discrete logarithm problem , 1989, IEEE J. Sel. Areas Commun..

[182]  Tatsuaki Okamoto,et al.  Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes , 1992, CRYPTO.

[183]  Jonathan Katz,et al.  Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption , 2005, CT-RSA.

[184]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[185]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[186]  Fabien Laguillaumie,et al.  Short Undeniable Signatures Without Random Oracles: The Missing Link , 2005, INDOCRYPT.

[187]  Ivan Damgård,et al.  New Convertible Undeniable Signature Schemes , 1996, EUROCRYPT.

[188]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[189]  Amit Sahai,et al.  Efficient Non-interactive Proof Systems for Bilinear Groups , 2008, EUROCRYPT.

[190]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[191]  Chanathip Namprempre,et al.  Security Proofs for Identity-Based Identification and Signature Schemes , 2008, Journal of Cryptology.

[192]  Willy Susilo,et al.  Generic Construction of (Identity-based) Perfect Concurrent Signatures , 2006, IACR Cryptol. ePrint Arch..

[193]  Nadarajah Asokan,et al.  Fairness in electronic commerce , 1998, Research report / RZ / IBM / IBM Research Division / Zürich Research Laboratory.

[194]  David Mandell Freeman,et al.  Constructing Pairing-Friendly Elliptic Curves with Embedding Degree 10 , 2006, ANTS.

[195]  Markus Michels,et al.  E cient convertible undeniable signature schemes , 1997 .

[196]  Liqun Chen,et al.  Security Proof of Sakai-Kasahara's Identity-Based Encryption Scheme , 2005, IMACC.

[197]  Tsz Hon Yuen,et al.  Certificate Based (Linkable) Ring Signature , 2007, ISPEC.

[198]  Mihir Bellare,et al.  Simulation without the Artificial Abort: Simplified Proof and Improved Concrete Security for Waters' IBE Scheme , 2009, EUROCRYPT.

[199]  Masao Kasahara,et al.  ID based Cryptosystems with Pairing on Elliptic Curve , 2003, IACR Cryptol. ePrint Arch..

[200]  Kaoru Kurosawa,et al.  Universally Composable Undeniable Signature , 2008, ICALP.

[201]  Paulo S. L. M. Barreto,et al.  Generating More MNT Elliptic Curves , 2006, Des. Codes Cryptogr..

[202]  Kaoru Kurosawa,et al.  k-Resilient Identity-Based Encryption in the Standard Model , 2004, CT-RSA.

[203]  Kaoru Kurosawa,et al.  3-Move Undeniable Signature Scheme , 2005, EUROCRYPT.

[204]  Gil Segev,et al.  Efficient Lossy Trapdoor Functions based on the Composite Residuosity Assumption , 2008, IACR Cryptol. ePrint Arch..

[205]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[206]  N. Asokan,et al.  Optimistic Fair Exchange of Digital Signatures (Extended Abstract) , 1998, EUROCRYPT.

[207]  Craig Gentry,et al.  Practical Identity-Based Encryption Without Random Oracles , 2006, EUROCRYPT.

[208]  David S. Rosenblum,et al.  Enabling Confidentiality in Content-Based Publish/Subscribe Infrastructures , 2006, 2006 Securecomm and Workshops.

[209]  Florian Hess,et al.  Efficient Identity Based Signature Schemes Based on Pairings , 2002, Selected Areas in Cryptography.

[210]  Giannis F. Marias,et al.  Towards Understanding Pure Publish/Subscribe Cryptographic Protocols , 2008, Security Protocols Workshop.