The Ultimate Guide to Choosing WordPress Pros and Cons
Secure Obfuscation for Encrypted Signatures
1. Secure Obfuscation for Encrypted Signatures Eurocrypt 2010 (May 31) Satoshi Hada IBM Research - Tokyo
2.
3.
4.
5.
6.
7. Motivation: To use signcryption for Webmail services, service providers need to store users’ private signing keys and execute signcryption on servers. Key leakage is a serious security issue. Alice’s Web Browser Bob’s Web Browser Server Server Key leakage is a serious security issue!! Standard browsers have no capability of signcryption Signcrypt@ Server
8. A solution is to obfuscate the signcryption program so that the private signing key can not be abused. Server Server We can obfuscate this program Alice’s Web Browser Bob’s Web Browser Signcrypt@ Server
9.
10.
11.
12.
13.
14.
15.
16. Main Result: The security of Waters’s signature scheme is preserved even when adversaries are given obfuscated encrypted signature programs Def 3: A signature scheme is EU against adversaries having signing oracle Def 5: A signature scheme is EU against adversaries having signing oracle and obfuscated encrypted signature program trivial Thm 1 Thm 1: if the obfuscator satisfies the VBP, then Def 4 implies Def 5. Thm 2: Waters’s signature scheme satisfies Def 3 under DBDH Corollary 1: Waters’s signature scheme satisfies Def 5 under DL and DBDH trivial Thms 1& 4 Abstract Concrete Stronger Security
17.
18.
19.
20. Generalization: we can apply the basic idea to other signature schemes We can generalize our construction to clarify the properties that a pair of encryption and signature schemes should satisfy so that the encrypted signature can be securely obfuscated NO YES Pairing-based CRYPTO’02 Lysyanskaya’s unique signature scheme 1 CRYPTO’89 Undeniable signature scheme by Chaum and Antwerpen 3 J. ACM 2004 DDH-based Pseudoranom functions (MAC) 4 5 2 # PKC’02 Dodis’s verifiable random function JoC 1991 Schnorr’s signature scheme Reference Scheme