Paper 2009/588

Confidential Signatures and Deterministic Signcryption

Alexander W. Dent, Marc Fischlin, Mark Manulis, Martijn Stam, and Dominique Schroder

Abstract

Encrypt-and-sign, where one encrypts and signs a message in parallel, is usually not recommended for confidential message transmission. The reason is that the signature typically leaks information about the message. This motivates our investigation of confidential signature schemes, which hide all information about (high-entropy) input messages. In this work we provide a formal treatment of confidentiality for such schemes and a comprehensive discussion of the relationship of different notions we propose. We give constructions meeting our notions, both in the random oracle model and the standard model. As part of this we show that full domain hash signatures achieve a weaker level of confidentiality than Fiat-Shamir signatures. We then revisit the connection of confidential signatures to signcryption schemes. We give formal security models for deterministic signcryption schemes for high-entropy and low-entropy messages, and prove encrypt-and-sign to be secure for confidential signature schemes and high-entropy messages. Finally, we show that one can derandomize any signcryption scheme in our model and obtain a secure deterministic scheme.

Metadata
Available format(s)
PDF PS
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
Digital signatureSigncryptionDeterministic
Contact author(s)
a dent @ rhul ac uk
History
2009-12-04: received
Short URL
https://ia.cr/2009/588
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/588,
      author = {Alexander W.  Dent and Marc Fischlin and Mark Manulis and Martijn Stam and Dominique Schroder},
      title = {Confidential Signatures and Deterministic Signcryption},
      howpublished = {Cryptology ePrint Archive, Paper 2009/588},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/588}},
      url = {https://eprint.iacr.org/2009/588}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.