Adaptively secure non-interactive threshold cryptosystems

Bibliographic Details
Published in Theoretical computer science Vol. 478; pp. 76 - 100
Main Authors Libert, Benoît, Yung, Moti
Format Journal Article
Language English
Published Elsevier B.V 25.03.2013
Abstract Threshold cryptography aims at enhancing the availability and security of decryption and signature schemes by splitting private keys into several (say n) shares (typically, each of size comparable to the original secret key). In these schemes, a quorum of at least (d≤n) servers needs to act upon a message to produce the result (decrypted value or signature), while corrupting less than d servers maintains the scheme’s security. For about two decades, extensive study was dedicated to this subject, which created a number of notable results. So far, most practical threshold signatures, where servers act non-interactively, were analyzed in the limited static corruption model (where the adversary chooses which servers will be corrupted at the system’s initialization stage). Existing threshold encryption schemes that withstand the strongest combination of adaptive malicious corruptions (allowing the adversary to corrupt servers at any time based on its complete view), and chosen-ciphertext attacks (CCA) all require interaction (in the non-idealized model) and attempts to remedy this problem resulted only in relaxed schemes. The same is true for threshold signatures secure under chosen-message attacks (CMA). To date (for about 10 years), it has been open whether there are non-interactive threshold schemes providing the highest security (namely, CCA-secure encryption and CMA-secure signature) with scalable shares (i.e., as short as the original key) and adaptive security. This paper answers this question affirmatively by presenting such efficient decryption and signature schemes within a unified algebraic framework.
Author Libert, Benoît
Yung, Moti
Author_xml – sequence: 1
  givenname: Benoît
  surname: Libert
  fullname: Libert, Benoît
  email: benoit.libert@uclouvain.be, benoit.libert@technicolor.com
  organization: Technicolor, France
– sequence: 2
  givenname: Moti
  surname: Yung
  fullname: Yung, Moti
  email: motiyung@gmail.com
  organization: Google Inc., USA
CitedBy_id crossref_primary_10_1002_dac_2598
crossref_primary_10_1587_transfun_2019CIP0018
crossref_primary_10_1155_2021_6697295
crossref_primary_10_1007_s12204_014_1520_8
crossref_primary_10_4304_jsw_8_5_1245_1253
crossref_primary_10_1016_j_tcs_2016_02_031
Cites_doi 10.1145/112600.112605
10.1137/S0097539701398521
10.1145/1102120.1102162
10.1137/0217017
10.1145/168588.168596
ContentType Journal Article
Copyright 2013 Elsevier B.V.
Copyright_xml – notice: 2013 Elsevier B.V.
DBID 6I.
AAFTH
AAYXX
CITATION
DOI 10.1016/j.tcs.2013.01.001
DatabaseName ScienceDirect Open Access Titles
Elsevier:ScienceDirect:Open Access
CrossRef
DatabaseTitle CrossRef
DatabaseTitleList
DeliveryMethod fulltext_linktorsrc
Discipline Mathematics
Computer Science
EISSN 1879-2294
EndPage 100
ExternalDocumentID 10_1016_j_tcs_2013_01_001
S0304397513000157
IEDL.DBID IXB
ISSN 0304-3975
IngestDate Thu Apr 24 23:03:05 EDT 2025
Tue Jul 01 03:17:41 EDT 2025
Fri Feb 23 02:30:22 EST 2024
IsDoiOpenAccess true
IsOpenAccess true
IsPeerReviewed true
IsScholarly true
Keywords Chosen-message attacks
Threshold cryptography
Adaptive corruptions
Chosen-ciphertext security
Encryption schemes
Non-interactivity
Digital signatures
Language English
License http://www.elsevier.com/open-access/userlicense/1.0
https://www.elsevier.com/tdm/userlicense/1.0
https://www.elsevier.com/open-access/userlicense/1.0
LinkModel DirectLink
OpenAccessLink https://www.sciencedirect.com/science/article/pii/S0304397513000157
PageCount 25
ParticipantIDs crossref_primary_10_1016_j_tcs_2013_01_001
crossref_citationtrail_10_1016_j_tcs_2013_01_001
elsevier_sciencedirect_doi_10_1016_j_tcs_2013_01_001
ProviderPackageCode CITATION
AAYXX
PublicationCentury 2000
PublicationDate 2013-03-25
PublicationDateYYYYMMDD 2013-03-25
PublicationDate_xml – month: 03
  year: 2013
  text: 2013-03-25
  day: 25
PublicationDecade 2010
PublicationTitle Theoretical computer science
PublicationYear 2013
Publisher Elsevier B.V
Publisher_xml – name: Elsevier B.V
SSID ssj0000576
Score 2.0826764
SourceID crossref
elsevier
SourceType Enrichment Source
Index Database
Publisher
StartPage 76
SubjectTerms Adaptive corruptions
Chosen-ciphertext security
Chosen-message attacks
Digital signatures
Encryption schemes
Non-interactivity
Threshold cryptography
Title Adaptively secure non-interactive threshold cryptosystems
URI https://dx.doi.org/10.1016/j.tcs.2013.01.001
Volume 478