Toward Efficient Convertible Authenticated Encryption Schemes Using Self-Certified Public Key System

Convertible authenticated encryption (CAE) schemes enable the signer to send a confidential message and its corresponding signature to the designated recipient. The recipient can also convert the signature into a conventional one which can be verified by anyone. Integrating the properties of self-ce...

Full description

Saved in:
Bibliographic Details
Published in:KSII transactions on Internet and information systems 2014, 8(3), , pp.1157-1177
Main Authors: Wu, Tzong-Sun, Chen, Yih-Sen, Lin, Han-Yu
Format: Article
Language:English
Subjects:
authenticated encryption
convertibility
Cryptography
Data security
elliptic curve
Engineering research
Methods
Public key encryption
self-certified public key
semantic security
컴퓨터학
Citations: Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Convertible authenticated encryption (CAE) schemes enable the signer to send a confidential message and its corresponding signature to the designated recipient. The recipient can also convert the signature into a conventional one which can be verified by anyone. Integrating the properties of self-certified public key systems, this paper presents efficient and computationally indistinguishable self-certified CAE schemes for strengthening the security of E-Commerce applications. Additionally, we also adapt the proposed schemes to elliptic curve systems for facilitating the applications of limited computing power and insufficient storage space. The proposed schemes are secure against known existential active attacks, satisfy the semantic security requirement, and have the following advantages: (i) No extra certificate is required since the tasks of authenticating the public key and verifying the signature can be simultaneously carried out within one step, which helps reducing computation efforts and communication overheads. (ii) In case of a later dispute, the recipient can convert the signature into an ordinary one for the public arbitration. (iii) The signature conversion can be solely performed by the recipient without additional computation efforts or communication overheads. (iv) The recipient of the signature can prove himself, if needed, to anyone that he is actually the designated recipient.
ISSN:1976-7277
1976-7277
DOI:10.3837/tiis.2014.03.026