Abstract
A parallel authentication and public-key encryption is introduced and exemplified on joint encryption and signing which compares favorably with sequential Encrypt-then-Sign (ɛtS) or Sign-then-Encrypt (Stɛ) schemes as far as both efficiency and security are concerned. A security model for signcryption, and thus joint encryption and signing, has been recently defined which considers possible attacks and security goals. Such a scheme is considered secure if the encryption part guarantees indistinguishability and the signature part prevents existential forgeries, for outsider but also insider adversaries. We propose two schemes of parallel signcryption, which are efficient alternative to Commit-then-Sign-and- Encrypt (Ct&G3&S). They are both provably secure in the random oracle model. The first one, called generic parallel encrypt and sign, is secure if the encryption scheme is semantically secure against chosen-ciphertext attacks and the signature scheme prevents existential forgeries against random-message attacks. The second scheme, called optimal parallel encrypt. and sign, applies random oracles similar to the OAEP technique in order to achieve security using encryption and signature components with very weak security requirements — encryption is expected to be one-way under chosen-plaintext attacks while signature needs to be secure against universal forgeries under random-plaintext attack, that is actually the case for both the plain-RSA encryption and signature under the usual RSA assumption. Both proposals are generic in the sense that any suitable encryption and signature schemes (i.e. which simply achieve required security) can be used. Furthermore they allow both parallel encryption and signing, as well as parallel decryption and verification. Properties of parallel encrypt and sign schemes are considered and a new security standard for parallel signcryption is proposed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
J. H. An, Y. Dodis, and T. Rabin. On the Security of Joint Signatures and Encryption. In Eurocrypt’ 02, LNCS 2332, pages 83–107. Springer-Verlag, Berlin, 2002.
M. Bellare, A. Desai, D. Pointcheval, and P. Rogaway. Relations among Notions of Security for Public-Key Encryption Schemes. In Crypto’ 98, LNCS 1462, pages 26–45. Springer-Verlag, Berlin, 1998.
M. Bellare and C. Namprempre. Authenticated Encryption: Notions and Constructions. In Asiacrypt’ 00, LNCS 1976. Springer-Verlag, Berlin, 2000.
M. Bellare and P. Rogaway. Encode-Then-Encipher Encryption: How to Exploit Nonces or Redundancies in Plaintexts for Efficient Cryptography. In Asiacrypt’ 00, LNCS 1976. Springer-Verlag, Berlin, 2000.
M. Bellare and P. Rogaway. Random Oracles Are Practical: a Paradigm for Designing Efficient Protocols. In Proc. of the 1st CCS, pages 62–73. ACM Press, New York, 1993.
M. Bellare and P. Rogaway. Optimal Asymmetric Encryption — How to Encrypt with RSA. In Eurocrypt’ 94, LNCS 950, pages 92–111. Springer-Verlag, Berlin, 1995.
W. Diffie and M. E. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory, IT-22(6):644–654, November 1976.
E. Fujisaki, T. Okamoto, D. Pointcheval, and J. Stern. RSA-OAEP is Secure under the RSA Assumption. In Crypto’ 01, LNCS 2139, pages 260–274. Springer-Verlag, Berlin, 2001.
S. Goldwasser and S. Micali. Probabilistic Encryption. Journal of Computer and. System Sciences, 28:270–299, 1984.
S. Goldwasser, S. Micali, and R. Rivest. A Digital Signature Scheme Secure Against Adaptative Chosen-Message Attacks. SIAM Journal of Computing, 17(2):281–308, April 1988.
J. Pieprzyk and D. Pointcheval. Parallel Authentication and Public-Key Encryption. In ACISP’ 03, LNCS. Springer-Verlag, Berlin, 2003. Full version available from http://www.di.ens.fr/users/pointche/.
R. Rivest, A. Shamir, and L. Adleman. A Method for Obtaining Digital Signatures and Public Key Cryptosystems. Communications of the ACM, 21(2):120–126, February 1978.
RSA Data Security, Inc. Public Key Cryptography Standards — PKCS. Available from http://www.rsa.com/rsalabs/pubs/PKCS/.
A. Shamir. How to Share a Secret. Communications of the ACM, 22:612–613, November 1979.
V. Shoup. OAEP Reconsidered. In Crypto’ 01, LNCS 2139, pages 239–259. Springer-Verlag, Berlin, 2001.
J. Malone-Lee, D. Pointcheval, N. Smart, and J. Stern. Flaws in Applying Proof Methodologies to Signature Schemes. In Crypto’ 02, LNCS 2442, pages 93–110. Springer-Verlag, Berlin, 2002.
Y. Zheng. Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption). In Crypto’ 97, LNCS 1294. Springer-Verlag, Berlin, 1997.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pieprzyk, J., Pointcheval, D. (2003). Parallel Authentication and Public-Key Encryption. In: Safavi-Naini, R., Seberry, J. (eds) Information Security and Privacy. ACISP 2003. Lecture Notes in Computer Science, vol 2727. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45067-X_33
Download citation
DOI: https://doi.org/10.1007/3-540-45067-X_33
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40515-3
Online ISBN: 978-3-540-45067-2
eBook Packages: Springer Book Archive