The Pairing-Based Crypto Lounge (original) (raw)

The Pairing-Based Crypto Lounge

Welcome!

3rd International Conference on Pairing-Based Cryptography

Pairing'2009

August 12-14, 2009 -- Stanford, USA

CALL FOR PAPERS

The Third International Conference on Pairing-based Cryptography (Pairing 2009) will be held at Stanford University, USA on August 12�14, 2009. Authors are invited to submit papers describing their original research on all aspects of pairing-based cryptography, including, but not limited to the following topics: * novel cryptographic primitives and protocols * mathematical foundations * software and hardware implementation * applied security

Introduction

On this page we try to give an overview (currently 200 references) of cryptosystems based on the existence of bilinear, non-degenerate,efficiently computable mappings (called pairings) over certain groups. Are you the author of a pairing-related work not listed below? Is the reference to your work incorrect, incomplete, or outdated? Please send me e-mail at. I apologize to all researchers that have contributed to this site for the delay in updating the list of references. The volume of research papers on pairing-based cryptography has increased exponentially over the past few years, so it's getting difficult to keep the site up to date. Nevertheless, there will be an extensive update in a few days, so keep an eye.
Contents: * Introduction * Basic theory * Identity-based cryptosystems * More pairing-based cryptosystems * Fundamentals and implementation * Acknowledgements * Links * References

Basic theory

Let G and G' be two groups, with G written additively andG' written multiplicatively. Consider the following problems defined onG:

• The Computational Diffie-Hellman problem (CDHP): given P, _a_P, _b_P in G, compute _ab_P.
• The Decisional Diffie-Hellman problem (DDHP): given P, _a_P, _b_P, c_P in G, decide whether_c = ab (modulo the order of P).

If there exists a bilinear, non-degenerate map (i.e. a pairing) e: G � G → G', then one can efficiently solve the DDHP in G, since c = ab (modulo the order of P) if, and only if, e(_a_P, _b_P) = e(P, _c_P). This observation leads to the definition of the following problems:

• The Gap Diffie-Hellman problem (GDHP): Solve the CDHP in G, possibly with the help of the oracle that solves the DDHP in G.
• The Bilinear Diffie-Hellman problem (BDHP): given P, _a_P, _b_P, _c_P in G, compute e(P,P)abc.

For each of the above problems there is a corresponding _co-problem_involving two additive groups G1 and G2rather than a single group G, and a pairing e: G1 � G2 → G':

• Co-CDHP: given P, _a_P in G1 and Q in G2, compute _a_Q.
• Co-DDHP: given P, _a_P in G1 and Q, b_Q in G2 where P and Q are of the same order_r, decide whether a = b (mod r).
• Co-GDHP: Solve the Co-CDHP in G1 and G2, possibly with the help of the oracle that solves the Co-DDHP in these groups.
• Co-BDHP: given P, _a_P, _b_P in G1 and Q inG2, compute e(P,Q)ab.

The security of pairing-based cryptosystems is based on the intractability of either the GDHP, the BDHP, or both, in some group G; or similarly on the intractability the corresponding co-problems in a pair of groups G1 and G2.

The most popular pairing choices are the Weil pairing and the_Tate pairing_. Both are computable with Miller's algorithm, but the Tate pairing is usually more efficiently implementable than the Weil pairing.

Below we list some members of this family of cryptosystems, roughly classified by similarity of functionality.

Identity-based cryptosystems

One of the central applications of pairings is the establishments of_identity-based_ cryptosystems.

More pairing-based cryptosystems

Identity-based schemes are far from being the whole story: many other kinds of cryptosystems (including conventional schemes with surprising new properties) can be built with pairings.

Fundamentals and implementation

Very active research is being conducted as well on theoretical foundations, cryptanalysis, parameter selection and efficient implementation of such systems.

Acknowledgements

Many thanks toMihir Bellare,Waldyr Benits Jr., Ratna Dutta,Steven Galbraith, Lei Hu,Beno�t Libert,Ben Lynn,John Malone-Lee, Divya Nalla,Kenny Paterson,Mike Scott,Nigel Smart, Han Song, and Fangguo Zhangfor their valuable contributions to this site.

Links

• The Identity Based Encryption Technologies project of theCryptography and Information Security Group at the University of Bristol.
• Mike Scott's Tutorial on the Tate pairing.
• Steven Galbraith's overview of Elliptic Curve Cryptography.
• Patroklos G. Argyroudis's Identity-based Encryption Resources.

References

References added in the latest update to this page are marked .

[AL03]

G. Appenzeller, B. Lynn, "Minimal-Overhead IP Security using Identity-Based Encryption,"submitted preprint, 2003.

[AM03]

G. Ateniese, B. de Medeiros, "Identity-based Chameleon Hash and Applications,"Financial Cryptography -- FC'2004,Lecture Notes on Computer Science, Springer-Verlag, to appear. See also Cryptology ePrint Archive,Report 2003/167.

[AM04]

G. Ateniese, B. de Medeiros, "A Provably Secure Nyberg-Rueppel Signature Variant with Applications," Cryptology ePrint Archive,Report 2004/093.

[AP02]

S. S. Al-Riyami, K. G. Paterson, "Tripartite Authenticated Key Agreement Protocols from Pairings,"IMA Conference on Cryptography and Coding,Lecture Notes on Computer Science 2898, Springer-Verlag (2003), pp. 332--359. See also Cryptology ePrint Archive,Report 2002/035.

[AP03]

S. S. Al-Riyami, K. G. Paterson, "Certificateless Public Key Cryptography,"Advances in Cryptology -- Asiacrypt'2003,Lecture Notes on Computer Science 2894, Springer-Verlag (2003), pp. 452--473. See also Cryptology ePrint Archive,Report 2003/126.

[B02a]

A. Boldyreva, "Efficient threshold signature, multisignature and blind signature schemes based on the Gap-Diffie-Hellman-group signature scheme,"Practice and Theory in Public Key Cryptography -- PKC'2003,Lecture Notes on Computer Science 2567, Springer-Verlag (2003), pp. 31--46. See also Cryptology ePrint Archive,Report 2002/118.

[B02b]

M. Baldwin, "Identity Based Encryption from the Tate Pairing to Secure Email Communications,"Master Thesis, University of Bristol, 2002.

[B03a]

P. S. L. M. Barreto, "Criptografia Robusta e Marcas d'�gua Fr�geis: Constru��o e An�lise de Algoritmos para Localizar Altera��es em Imagens Digitais,"PhD Thesis (in Portuguese), Universidade de S�o Paulo, Escola Polit�cnica, 2003.

[B03b]

W. D. Benits Jr., "Sistemas Criptogr�ficos Baseados em Identidades Pessoais,"Master Thesis (in Portuguese), Universidade de S�o Paulo, Instituto de Matem�tica e Estat�stica, 2003.

[B03c]

X. Boyen, "Multipurpose Identity-Based Signcryption: A Swiss Army Knife for Identity-Based Cryptography,"Advances in Cryptology -- Crypto'2003,Lecture Notes on Computer Science 2729, Springer-Verlag (2003), pp. 382--398. Availableonline.

[BB04a]

D. Boneh, X. Boyen, "Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles,"Advances in Cryptology -- Eurocrypt'2004,Lecture Notes on Computer Science 3027, Springer-Verlag (2004), pp. 223--238.Published version.Full version.

[BB04b]

D. Boneh, X. Boyen, "Short Signatures Without Random Oracles,"Advances in Cryptology -- Eurocrypt'2004,Lecture Notes on Computer Science 3027, Springer-Verlag (2004), pp. 56--73.Published version.Full version.

[BB04c]

D. Boneh, X. Boyen, "Secure Identity Based Encryption Without Random Oracles,"Advances in Cryptology -- Crypto'2004,Lecture Notes on Computer Science, Springer-Verlag, to appear.

[BBS04]

D. Boneh, X. Boyen, H. Shacham, "Short Group Signatures,"Advances in Cryptology -- Crypto'2004,Lecture Notes on Computer Science, Springer-Verlag, to appear.

[BCOP04]

D. Boneh, G. Di Crescenzo, R. Ostrovsky, G. Persiano, "Public key encryption with keyword search,"Advances in Cryptology -- Eurocrypt'2004,Lecture Notes on Computer Science 3027, Springer-Verlag (2004), pp. 506--522.Published version.Full version.

[BDD04]

A. Burnett, A. Duffy, T. Dowling, "A Biometric Identity Based Signature Scheme," Cryptology ePrint Archive,Report 2004/176.

[BDS03]

R. Barua, R. Dutta, P. Sarkar, "Extending Joux's Protocol to Multi Party Key Agreement,"3rd International Cryptology Conference in India -- Indocrypt'2003,Lecture Notes on Computer Science 2904, Springer-Verlag (2003), pp. 205--217. See also Cryptology ePrint Archive,Report 2003/062.

[BDS04]

R. Barua, R. Dutta, P. Sarkar, "Provably Secure Authenticated Tree Based Group Key Agreement Protocol using Pairing," Cryptology ePrint Archive,Report 2004/090.

[BDSSSW03]

D. Balfanz, G. Durfee, N. Shankar, D. K. Smetters, J. Staddon, H. C. Wong, "Secret Handshakes from Pairing-Based Key Agreements,"IEEE Symposium on Security and Privacy (Proceedings), pp. 180--196, 2003.Full version.

[BF01]

D. Boneh, M. Franklin, "Identity-based encryption from the Weil pairing,"Advances in Cryptology -- Crypto'2001,Lecture Notes on Computer Science 2139, Springer-Verlag (2001), pp. 213--229.Full version.

[BGKOPW03]

G. Bertoni, J. Guajardo, S. Kumar, G. Orlando, C. Paar, T. Wollinger, "Efficient GF(p m) Arithmetic Architectures for Cryptographic Applications,"Topics in Cryptology -- CT-RSA 2003,Lecture Notes on Computer Science 2612, Springer-Verlag (2003), pp. 158--175.Published version.

[BGLS03a]

D. Boneh, C. Gentry, B. Lynn, H. Shacham, "Aggregate and Verifiably Encrypted Signatures from Bilinear Maps,"Advances in Cryptology -- Eurocrypt'2003,Lecture Notes on Computer Science 2656, Springer-Verlag (2003), pp. 416--432.Published version.Full version.

[BGLS03b]

D. Boneh, C. Gentry, B. Lynn, H. Shacham, "A Survey of Two Signature Aggregation Techniques,"CryptoBytes 6(2), RSA Laboratories (2003), pp. 2--10.

[BHS04]

R. Bradshaw, J. Holt, K. Seamons, "Concealing Complex Policies with Hidden Credentials," Cryptology ePrint Archive,Report 2004/109.

[BKLS02]

P. S. L. M. Barreto, H. Y. Kim, B. Lynn, M. Scott, "Efficient Algorithms for Pairing-Based Cryptosystems,"Advances in Cryptology -- Crypto'2002,Lecture Notes on Computer Science 2442, Springer-Verlag (2002), pp. 354--368.Published version. See also Cryptology ePrint Archive,Report 2002/008.

[BLS01]

D. Boneh, B. Lynn, H. Shacham, "Short signatures from the Weil pairing,"Advances in Cryptology -- Asiacrypt'2001,Lecture Notes on Computer Science 2248, Springer-Verlag (2002), pp. 514--532.Full version.

[BLS02]

P. S. L. M. Barreto, B. Lynn, M. Scott, "Constructing Elliptic Curves with Prescribed Embedding Degrees,"Security in Communication Networks -- SCN'2002,Lecture Notes on Computer Science 2576, Springer-Verlag (2003), pp. 257--267.Published version. See also Cryptology ePrint Archive,Report 2002/088.

[BLS03]

P. S. L. M. Barreto, B. Lynn, M. Scott, "On the Selection of Pairing-Friendly Groups,"Selected Areas in Cryptography -- SAC'2003,Lecture Notes on Computer Science 3006, Springer-Verlag (2004), pp. 17--25.Published version. See also Cryptology ePrint Archive,Report 2003/086.

[BMP03]

C. Boyd, W. Mao, K. Paterson, "Deniable authenticated key establishment for internet protocols,"11th International Workshop on Security Protocols -- IWSP'2003, Cambridge (UK), April 2003,Lecture Notes on Computer Science, Springer-Verlag, to appear.Full version.

[BMP04]

C. Boyd, W. Mao, K. Paterson, "Key agreement using statically keyed authenticators,"Applied Cryptography and Network Security -- ACNS'2004, Yellow Mountain, China,Lecture Notes on Computer Science 3089, Springer-Verlag (2004), to appear.

[BMS03]

D. Boneh, I. Mironov, V. Shoup, "A Secure Signature Scheme from Bilinear Maps,"Topics in Cryptology -- CT-RSA 2003,Lecture Notes on Computer Science 2612, Springer-Verlag (2003), pp. 98--110.Published version.Full version.

[BMX04]

I. Blake, K. Murty, G. Xu, "Refinements of Miller's Algorithm for Computing Weil/Tate Pairing," Cryptology ePrint Archive,Report 2004/065.

[BNN04]

M. Bellare, C. Namprempre, G. Neven, "Security Proofs for Identity-Based Identification and Signature Schemes,"Advances in Cryptology -- Eurocrypt'2004,Lecture Notes on Computer Science 3027, Springer-Verlag (2004), pp. 268--286.Published version.Full version.

[BP02]

M. Bellare, A. Palacio, "Protecting against Key Exposure: Strongly Key-Insulated Encryption with Optimal Threshold," Cryptology ePrint Archive,Report 2002/064.

[BPW03]

A. Boldyreva, A. Palacio, B. Warinschi, "Secure Proxy Signature Schemes for Delegation of Signing Rights," Cryptology ePrint Archive,Report 2003/096.

[BS02]

D. Boneh, A. Silverberg, "Applications of Multilinear Forms to Cryptography,"Contemporary Mathematics 324, American Mathematical Society, pp. 71--90, 2003.Full version.

[BT04]

W. D. Benits Jr, R. Terada, "An IBE Scheme to Exchange Authenticated Secret Keys," Cryptology ePrint Archive,Report 2004/071.

[BW03]

F. Brezing, A. Weng, "Elliptic curves suitable for pairing based cryptography," Cryptology ePrint Archive,Report 2003/143.

[BZ03]

J. Baek, Y. Zheng, "Identity-Based Threshold Decryption,"Practice and Theory in Public Key Cryptography -- PKC'2004, Singapore(SG), March 2004,Lecture Notes on Computer Science 2947, Springer-Verlag (2004), pp. 262--276. See also Cryptology ePrint Archive,Report 2003/164.

[C02a]

C. Castelluccia, "How to convert any ID-based Signature Scheme into a Group Signature Scheme," Cryptology ePrint Archive,Report 2002/116.

[C02b]

J. H. Cheon, "A Universal Forgery of Hess's Second ID-based Signature against the Known-message Attack," Cryptology ePrint Archive,Report 2002/028.

[C03]

Z. Chen, "Security analysis on Nalla-Reddy's ID-based tripartite authenticated key agreement protocols," Cryptology ePrint Archive,Report 2003/103.

[CB03]

M. Casassa Mont, P. Bramhall, "IBE Applied to Privacy and Identity Management," Hewlett-Packard Laboratories,technical report HPL-2003-101, 2003.

[CBDH03]

M. Casassa Mont, P. Bramhall, C. R. Dalton, K. Harrison, "A Flexible Role-based Secure Messaging Service: Exploiting IBE Technology in a Health Care Trial," Hewlett-Packard Laboratories,technical report HPL-2003-21, 2003.

[CC02]

J. C. Cha, J. H. Cheon, "An Identity-Based Signature from Gap Diffie-Hellman Groups,"Practice and Theory in Public Key Cryptography -- PKC'2003,Lecture Notes on Computer Science 2567, Springer-Verlag (2003), pp. 18--30. See also Cryptology ePrint Archive,Report 2002/018.

[CGHYC04]

S. S. M. Chow, H. W. Go, L. C. K. Hui, S. M. Yiu, K. P. Chow, "Two Forward-Secure Threshold Signature Schemes,"Applied Cryptography and Network Security -- ACNS'2004, Yellow Mountain, China,Lecture Notes on Computer Science 3089, Springer-Verlag (2004), to appear.

[CHK03a]

R. Canetti, S. Halevi, J. Katz, "A Forward-Secure Public-Key Encryption Scheme,"Advances in Cryptology -- Eurocrypt'2003,Lecture Notes on Computer Science 2656, Springer-Verlag (2003), pp. 255--271.Published version.

[CHK03b]

R. Canetti, S. Halevi, J. Katz, "Chosen-Ciphertext Security from Identity-Based Encryption," Cryptology ePrint Archive,Report 2003/182.

[CHL04]

K. Y. Choi, J. Y. Hwang, D. H. Lee, "Efficient ID-based Group Key Agreement with Bilinear Maps,"Practice and Theory in Public Key Cryptography -- PKC'2004, Singapore(SG), March 2004,Lecture Notes on Computer Science 2947, Springer-Verlag (2004), pp. 130--144.

[CHMSS02]

L. Chen, K. Harrison, A. Moss, N. P. Smart, D. Soldera, "Certification of public keys within an identity based system,"ISC'2002,Lecture Notes on Computer Science 2433, Springer-Verlag (2002), pp. 322--333.

[CHSS02]

L. Chen, K. Harrison, N. P. Smart, D. Soldera, "Applications of multiple trust authorities in pairing based cryptosystems,"InfraSec'2002,Lecture Notes on Computer Science 2437, Springer-Verlag (2002), pp. 260--275.

[CHYC03]

S. S. M. Chow, L. C. K. Hui, S. M. Yiu, K. P. Chow, "A Secure Modified ID-Based Undeniable Signature Scheme based on Han et al.'s Scheme against Zhang et al.'s Attacks," Cryptology ePrint Archive,Report 2003/262.

[CHY04]

S. S. M. Chow, L. C. K. Hui, S. M. Yiu, "Identity Based Threshold Ring Signature," Cryptology ePrint Archive,Report 2004/179.

[CHYC04]

S. S. M. Chow, L. C. K. Hui, S. M. Yiu, K. P. Chow, "Two Improved Partially Blind Signature Schemes from Bilinear Pairings," Cryptology ePrint Archive,Report 2004/108.

[CK02]

L. Chen, C. Kudla, "Identity Based Authenticated Key Agreement from Pairings," Cryptology ePrint Archive,Report 2002/184.

[CKY04]

J. H. Cheon, Y. Kim, H. J. Yoon, "A New ID-based Signature with Batch Verification," Cryptology ePrint Archive,Report 2004/131.

[CL02]

J. H. Cheon, D. H. Lee, "Diffie-Hellman Problems and Bilinear Maps," Cryptology ePrint Archive,Report 2002/117.

[CL03]

Y. J. Choie, E. Lee, "Implementation of Tate Pairing on Hyperelliptic Curves of Genus 2,"6th International Conference on Information Security and Cryptology -- ICISC'2003,Lecture Notes on Computer Science 2971, Springer-Verlag (2004), pp. 97--111.

[CL04]

J. Camenisch, A. Lysyanskaya, "Signature Schemes and Anonymous Credentials from Bilinear Maps,"Advances in Cryptology -- Crypto'2004,Lecture Notes on Computer Science, Springer-Verlag (2004), to appear.

[CM04]

L. Chen, J. Malone-Lee, "Improved Identity-Based Signcryption," Cryptology ePrint Archive,Report 2004/114.

[CP01]

C. Cocks, R. G. E. Pinch, "Identity-based cryptosystems based on the Weil pairing," unpublished manuscript, 2001.

[CPB03]

M. Casassa Mont, S. Pearson, P. Bramhall, "Towards Accountable Management of Identity and Privacy: Sticky Policies and Enforceable Tracing Services," Hewlett-Packard Laboratories,technical report HPL-2003-49, 2003.

[CU02]

Q. Cheng, S. Uchiyama, "Nonuniform polynomial time algorithm to solve decisional Diffie-Hellman problem in finite fields under conjecture,"Topics in Cryptology -- CT-RSA 2002,Lecture Notes on Computer Science 2271, Springer-Verlag (2002), pp. 290--299.Published version.Updated version(under the title "The Decisional Diffie-Hellman Problem and the Uniform Boundedness Theorem").

[CVC04]

Z. Cheng, L. Vasiu, R. Comley, "Pairing-Based One-Round Tripartite Key Agreement Protocols," Cryptology ePrint Archive,Report 2004/079.

[CYHC04]

S. S. M. Chow, S. M. Yiu, L. C. K. Hui, K. P. Chow, "Efficient Forward and Provably Secure ID-Based Signcryption Scheme with Public Verifiability and Public Ciphertext Authenticity,"6th International Conference on Information Security and Cryptology -- ICISC'2003,Lecture Notes on Computer Science 2971, Springer-Verlag (2004), pp. 352--369.

[CZK03a]

X. Chen, F. Zhang, K. Kim, "A New ID-based Group Signature Scheme from Bilinear Pairings,"Proceedings of WISA'2003, August 2003, Jeju Island(KR), pp. 585--592. See also Cryptology ePrint Archive,Report 2003/116.

[CZK03b]

X. Chen, F. Zhang, K. Kim, "ID-based Multi-Proxy Signature and Blind Multisignature from Bilinear Pairings,"Proceedings of KIISC'2003, August 2003, Korea, pp. 11--19.

[CZK04a]

X. Chen, F. Zhang, K. Kim, "Limited Verifier Signature from Bilinear Pairings,"Applied Cryptography and Network Security -- ACNS'2004",Lecture Notes on Computer Science 3089, Springer-Verlag (2004), to appear.

[CZK04b]

X. Chen, F. Zhang, K. Kim, "Chameleon Hashing without Key Exposure," Cryptology ePrint Archive,Report 2004/038.

[D02]

Y. Dodis, "Efficient Construction of (Distributed) Verifiable Random Functions,"Practice and Theory in Public Key Cryptography -- PKC'2003,Lecture Notes on Computer Science 2567, Springer-Verlag (2003), pp. 1--17. See also Cryptology ePrint Archive,Report 2002/133.

[DBS04]

R. Dutta, R. Barua, P. Sarkar, "Pairing-Based Cryptography : A Survey," Cryptology ePrint Archive,Report 2004/064.

[DE02]

R. Dupont, A. Enge, "Practical Non-Interactive Key Distribution Based on Pairings,"International Workshop on Coding and Cryptography (WCC) (Proceedings), Versailles, 2003. See also Cryptology ePrint Archive,Report 2002/136.

[DEM02]

R. Dupont, A. Enge, F. Morain, "Building curves with arbitrary small MOV degree over finite prime fields," Cryptology ePrint Archive,Report 2002/094.

[DFKMY03]

Y. Dodis, M. Franklin, J. Katz, A. Miyaji, M. Yung, "Intrusion-Resilient Public-Key Encryption,"Topics in Cryptology -- CT-RSA 2003,Lecture Notes on Computer Science 2612, Springer-Verlag (2003), pp. 19--32.Published version.

[DL03]

I. M. Duursma, H.-S. Lee, "Tate Pairing Implementation for Hyperelliptic Curves_y_2 = x p - x + d,"Advances in Cryptology -- Asiacrypt'2003,Lecture Notes on Computer Science 2894, Springer-Verlag (2003), pp. 111--123. See also Cryptology ePrint Archive,Report 2003/053.

[DS98]

I. M. Duursma, K. Sakurai, "Efficient Algorithms for the Jacobian Variety of Hyperelliptic Curves_y_2 = x p - x + 1 Over a Finite Field of Odd Characteristic p,"International Conference on Coding Theory, Cryptography and Related Areas (ICCC), Guanajuato, April 1998, Springer-Verlag (2000), pp. 73--89. Availableonline.

[DWGW03a]

X. Du, Y. Wang, J. Ge, Y. Wang, "Chameleon Signature from Bilinear Pairing," Cryptology ePrint Archive,Report 2003/238.

[DWGW03b]

X. Du, Y. Wang, J. Ge, Y. Wang, "ID-based Authenticated Two Round Multi-Party Key Agreement," Cryptology ePrint Archive,Report 2003/247.

[DWGW03c]

X. Du, Y. Wang, J. Ge, Y. Wang, "An Improved ID-based Authenticated Group Key Agreement Scheme," Cryptology ePrint Archive,Report 2003/260.

[EFS04]

M. Enzmann, M. Fischlin, M. Schneider, "A Privacy-Friendly Loyalty System Based on Discrete Logarithms over Elliptic Curves,"Financial Cryptography -- FC'2004, Key West, USA,Lecture Notes on Computer Science, Springer-Verlag (2004), to appear.

[ELM02]

K. Eisentraeger, K. Lauter, P. L. Montgomery, "Fast Elliptic Curve Arithmetic and Improved Weil Pairing Evaluation,"Topics in Cryptology -- CT-RSA 2003,Lecture Notes on Computer Science 2612, Springer-Verlag (2003), pp. 343--354.Published version.

[ELM03]

K. Eisentraeger, K. Lauter, P. L. Montgomery, "Improved Weil and Tate Pairings for Elliptic and Hyperelliptic Curves,"Algorithmic Number Theory Symposium -- ANTS-VI,Lecture Notes on Computer Science 3076, Springer-Verlag (2004), pp. 169--183. See also Cryptology ePrint Archive,Report 2003/242.

[FR94]

G. Frey, H. R�ck, "A remark concerning _m_-divisibility and the discrete logarithm in the divisor class group of curves,"Mathematics of Computation, 62 (1994), pp. 865--874.

[FMR99]

G. Frey, M. M�ller, H. R�ck, "The Tate Pairing and the Discrete Logarithm Applied to Elliptic Curve Cryptosystems,"IEEE Transactions on Information Theory 45(5) (1999), pp. 1717--1719.Preprint.

[G02a]

M. Gagn�, "Applications of Bilinear Maps in Cryptography,"Master Thesis, University of Waterloo, 2002.

[G03]

M. Gagn�, "Identity-Based Encryption: a Survey,"CryptoBytes 6(1), RSA Laboratories (2003), pp. 10--19.

[G02b]

S. D. Galbraith, "Supersingular curves in cryptography,"Advances in Cryptology -- Asiacrypt'2001,Lecture Notes on Computer Science 2248, Springer-Verlag (2002), pp. 495--513.Full version.

[GHPSV04]

R. Granger, A. Holt, D. Page, N. Smart, F. Vercauteren, "Function Field Sieve in Characteristic Three,"Algorithmic Number Theory Symposium -- ANTS-VI,Lecture Notes on Computer Science 3076, Springer-Verlag (2004), pp. 223--234.

[GHS02a]

S. D. Galbraith, K. Harrison, D. Soldera, "Implementing the Tate pairing,"Algorithmic Number Theory Symposium -- ANTS-V,Lecture Notes on Computer Science 2369, Springer-Verlag (2002), pp. 324--337.Technical report.

[GMV04]

D. Galindo, S. Martin, J. L. Villar, "Evaluating elliptic curve based KEMs in light of pairings," Cryptology ePrint Archive,Report 2004/084.

[GR04]

S. D. Galbraith, V. Rotger, "Easy decision-Diffie-Hellman groups," Cryptology ePrint Archive,Report 2004/070.

[GHS02b]

S. D. Galbraith, H. J. Hopkins, I. E. Shparlinski, "Secure Bilinear Diffie-Hellman Bits,"9thAustralasian Conference on Information Security and Privacy -- ACISP'2004(July 2004, Sidney, Australia),Lecture Notes on Computer Science, Springer-Verlag (2004), to appear. See also Cryptology ePrint Archive,Report 2002/155.

[GPS04a]

R. Granger, D. Page, M. Stam, "On Small Characteristic Algebraic Tori in Pairing-Based Cryptography," Cryptology ePrint Archive,Report 2004/132.

[GPS04b]

R. Granger, D. Page, M. Stam, "Hardware and Software Normal Basis Arithmetic for Pairing Based Cryptography in Characteristic Three," Cryptology ePrint Archive,Report 2004/157.

[GS02]

C. Gentry, A. Silverberg, "Hierarchical ID-Based Cryptography,"Advances in Cryptology -- Asiacrypt'2002,Lecture Notes on Computer Science 2501, Springer-Verlag (2002), pp. 548--566. See also Cryptology ePrint Archive,Report 2002/056.

[H02a]

F. He�, "Efficient Identity Based Signature Schemes Based on Pairings,"Selected Areas in Cryptography -- SAC'2002,Lecture Notes on Computer Science 2595, Springer-Verlag (2003), pp. 310--324.Published version.Updated preprint.

[H02b]

F. He�, "A Note on the Tate Pairing of Curves over Finite Fields," 2002.Submitted preprint.

[H04a]

J. Herranz, "A formal proof of security of Zhang and Kim's ID-based ring signature scheme,"2ndInternational Workshop on Security in Information Systems -- WOSIS 2004, INSTICC Press 2004, ISBN 972-8865-07-4, pp. 63--72. Also availablehere.

[H04b]

F. He�, "On the security of the verifiably-encrypted signature scheme of Boneh, Gentry, Lynn and Shacham,"Electronics Letters 89(3) (2004), pp. 111--114.

[HDP04]

L. Hu, J. Dong, D. Pei, "An Implementation of Cryptosystems based on Tate Pairing,"Proceedings of ChinaCrypt'2004, Wuxi, China, 2004, pp. 409--415.

[HFW03]

L. Hu, D. G. Feng, T. H. Wen, "Fast multiplication on a family of Koblitz elliptic curves,"Journal of Software 14(11) (2003), pp. 1907--1910.Published version.

[HK04]

S.-H. Heng, K. Kurosawa, "_k_-Resilient Identity-Based Encryption in the Standard Model,"Topics in Cryptology -- CT-RSA 2004,Lecture Notes on Computer Science 2964, Springer-Verlag (2004), pp. 67--80.Published version.

[HL02]

J. Horwitz, B. Lynn, "Towards Hierarchical Identity-Based Encryption,"Advances in Cryptology -- Eurocrypt'2002,Lecture Notes on Computer Science 2332, Springer-Verlag (2002), pp. 466--481.Published version.

[HPS02]

K. Harrison, D. Page, N. P. Smart, "Software implementation of finite fields of characteristic three," LMS Journal of Computation and Mathematics 5, pp. 181--193, 2002.

[HS03]

J. Herranz, G. S�ez, "A provably secure ID-based ring signature scheme," Cryptology ePrint Archive,Report 2003/261.

[HWI03]

F. Hu, C.-H. Wu, J. D. Irwin, "A New Forward Secure Signature Scheme using Bilinear Maps," Cryptology ePrint Archive,Report 2003/188.

[HYW03]

S. Han, K. Y. Yueng, J. Wang, "Undeniable Signatures from Pairings over Elliptic Curves,"Proc. 4th ACM Conference on Electronic Commerce -- EC'03, 2003, to appear.

[IT02]

T. Izu, T. Takagi, "Efficient Computations of the Tate Pairing for the Large MOV degrees,"5th International Conference on Information Security and Cryptology -- ICISC'2002,Lecture Notes on Computer Science 2587, Springer-Verlag (2003), pp. 283--297.

[J00]

A. Joux, "A one-round protocol for tripartite Diffie-Hellman,"Algorithm Number Theory Symposium -- ANTS-IV,Lecture Notes on Computer Science 1838, Springer-Verlag (2000), pp. 385--394.

[J02]

A. Joux, "The Weil and Tate Pairings as Building Blocks for Public Key Cryptosystems,"Algorithm Number Theory Symposium -- ANTS-V,Lecture Notes on Computer Science 2369, Springer-Verlag (2002), pp. 20--32.

[JN01]

A. Joux, K. Nguyen, "Separating Decision Diffie-Hellman from Diffie-Hellman in Cryptographic Groups," Cryptology ePrint Archive,Report 2001/003.

[KH04]

K. Kurosawa, S.-H. Heng, "From Digital Signature to ID-Based Identification/Signature,"Practice and Theory in Public Key Cryptography -- PKC'2004, Singapore(SG), March 2004,Lecture Notes on Computer Science 2947, Springer-Verlag (2004), pp. 248--261.

[KKA03]

A. Khalili, J. Katz, W. A. Arbaugh, "Toward Secure Key Distribution in Truly Ad-Hoc Networks,"IEEE Workshop on Security and Assurance in Ad-Hoc Networks, 2003.Full version.

[KKK02]

M. Kim, H. Kim, K. Kim, "A New Identification Scheme based on the Gap Diffie-Hellman Problem,"2002 Symposium on Cryptography and Information Security (SCIS2002), Shirahama, Japan, Jan. 29 -- Feb. 1, 2003, vol. 1/2, pp. 349--352.

[KLY03]

H. S. Kim, S. W. Lee, K. Y. Yoo, "ID-Based Password Authentication Scheme using Smartcards and Fingerprints,"ACM Operating Systems Review 17(4), pp. 32--41, 2003.

[L02]

B. Lynn, "Authenticated Identity-Based Encryption," Cryptology ePrint Archive,Report 2002/072.

[L03]

B. Lynn, "Applications of bilinear maps,"7th Workshop on Elliptic Curve Cryptography -- ECC'2003,slide presentation.

[L04]

S. Lee, "Threshold Password-Authenticated Key Retrieval Protocol Using Bilinear Pairings,"Master Thesis, School of Engineering, Information and Communications University, Daejeon, Korea, 2004.

[LBDKYY04]

B. Lee, C. Boyd, E. Dawson, K. Kim, J. Yang, S. Yoo, "Secure Key Issuing in ID-based Cryptography,"Australasian Information Security Workshop -- AISW'2004, Dunedin, New Zealand, 2004.

[LHKKI04]

S. Lee, K. Han, S. Kang, K. Kim, S. R. Ine, "Threshold Password-Based Authentication Using Bilinear Pairings,"1st European PKI Workshop: Research and Applications, Samos Island, Greece, 2004.

[LKKR03]

S. Lee, Y. Kim, K. Kim, D.-H. Ryu, "An Efficient Tree-based Group Key Agreement using Bilinear map,"Applied Cryptography and Network Security -- ACNS'2003, Kumming, China,Lecture Notes on Computer Science 2846, Springer-Verlag (2003), pp. 357--371.

[LLL02]

H.-K. Lee, H.-S. Lee, Y.-R. Lee, "Multi-Party Authenticated Key Agreement Protocols from Multilinear Forms," Cryptology ePrint Archive,Report 2002/166.

[LQ03a]

B. Libert, J.-J. Quisquater, "New identity based signcryption schemes based on pairings,"IEEE Information Theory Workshop, Paris (France), 2003. See also Cryptology ePrint Archive,Report 2003/023.

[LQ03b]

B. Libert, J.-J. Quisquater, "Efficient revocation and threshold pairing based cryptosystems,"Symposium on Principles of Distributed Computing -- PODC'2003, 2003.

[LQ03c]

B. Libert, J.-J. Quisquater, "Identity Based Undeniable Signatures," Cryptology ePrint Archive,Report 2003/206.

[LQ04a]

B. Libert, J.-J. Quisquater, "Efficient Signcryption with Key Privacy from Gap-Diffie-Hellman Groups,"Practice and Theory in Public Key Cryptography -- PKC'2004, Singapore(SG), March 2004,Lecture Notes on Computer Science 2947, Springer-Verlag (2004), pp. 187--200.

[LQ04b]

B. Libert, J.-J. Quisquater, "The Exact Security of an Identity Based Signature and its Applications," Cryptology ePrint Archive,Report 2004/102.

[LW03]

C.-Y. Lin, T.-C. Wu, "An identity-based ring signature scheme from bilinear pairings," Cryptology ePrint Archive,Report 2003/117.

[LWZ03a]

C.-Y. Lin, T.-C. Wu, F. Zhang, "A Structured Multisignature Scheme from the Gap Diffie-Hellman Group," Cryptology ePrint Archive,Report 2003/090.

[LWZ03b]

C.-Y. Lin, T.-C. Wu, F. Zhang, "Proxy Signature and Proxy Multi-Signature from Bilinear Pairings,"Proceedings of the 2003 International Conference on Informatics, Cybernetics and Systems, December 2003, Kaohsiung, Taiwan.

[LWZH04]

C.-Y. Lin, T.-C. Wu, F. Zhang, J.-J-Hwang, "New Identity-based Society Oriented Signature Schemes from Pairings on Elliptic Curves,"Applied Mathematics and Computation, to appear.

[LZC03]

S. Liu, F. Zhang, K. Chen, "ID-Based Tripartite Key Agreement Protocol with Pairings,"Proceedings of the 2003 IEEE International Symposium on Information Theory, Yokohama, Japan, Jun/Jul 2003, pp. 136--136.

[LZC04]

S. Liu, F. Zhang, K. Chen, "Authenticating Tripartite Key Agreement Protocol with Pairings,"Journal of Computer Science and Technology 19(2) (2004), pp. 169--176.

[M02]

J. Malone-Lee, "Identity-Based Signcryption," Cryptology ePrint Archive,Report 2002/098.

[M04a]

M. Maas, "Pairing-Based Cryptography,"Master Thesis, Technische Universiteit Eindhoven, 2004.

[M04b]

W. Mao, "An Identity-based Non-interactive Authentication Framework for Computational Grids," Hewlett-Packard Laboratories,technical report HPL-2004-096, 2004.

[MB04a]

N. McCullagh, P. S. L. M. Barreto, "Efficient and Forward-Secure Identity-Based Signcryption," Cryptology ePrint Archive,Report 2004/117.

[MB04b]

N. McCullagh, P. S. L. M. Barreto, "A New Two-Party Identity-Based Authenticated Key Agreement," Cryptology ePrint Archive,Report 2004/122.

[MH03]

W. Mao, K. Harrison, "Divisors, Bilinear Pairings and Pairing Enabled Cryptographic Applications,"slide presentation.

[MNT01]

A. Miyaji, M. Nakabayashi, S. Takano, "New Explicit Conditions of Elliptic Curve Traces for FR-Reduction,"IEICE Transactions on Fundamentals E84-A(5) (2001), pp. 1234--1243.Full version.

[MNT04]

E. Mykletun, M. Narasimha, G. Tsudik, "Signature Bouquets: Immutability for Aggregated/Condensed Signatures," Cryptology ePrint Archive,Report 2004/091.

[MOV93]

A. Menezes, T. Okamoto, S. Vanstone, "Reducing elliptic curve logarithms to logarithms in a finite field,"IEEE Transactions on Information Theory 39 (1993), pp. 1639--1646.

[MP04]

W. Mao, K. G. Paterson, "On the plausible deniability feature of Internet protocols,"preprint, 2004.

[MSK02]

S. Mitsunari, R. Sakai, M. Kasahara, "A New Traitor Tracing,"IEICE Transactions on Fundamentals E85-A(2) (2002), pp. 481--484.

[MSL03]

Y. Mu, W. Susilo, Y.-X. Lin, "Identity-Based Broadcasting,"Progress in Cryptology -- Indocrypt'2003,Lecture Notes on Computer Science 2904, Springer-Verlag (2003), pp. 177--190. See also Cryptology ePrint Archive,Report 2003/062.

[N03]

D. Nalla, "ID-based tripartite key agreement with signatures," Cryptology ePrint Archive,Report 2003/144.

[N04]

L. Nguyen, "A Trapdoor-free and Efficient Group Signature Scheme from Bilinear Pairings," Cryptology ePrint Archive,Report 2004/104.

[NR02]

D. Nalla, K. C. Reddy, "Identity Based Authenticated Group Key Agreement Protocol,"Progress in Cryptology -- Indocrypt'2002,Lecture Notes on Computer Science 2551, Springer-Verlag (2002), pp. 215--233.

[NR03a]

D. Nalla, K. C. Reddy, "ID-based tripartite Authenticated Key Agreement Protocols from pairings," Cryptology ePrint Archive,Report 2003/004.

[NR03b]

D. Nalla, K. C. Reddy, "Signcryption scheme for Identity-based Cryptosystems," Cryptology ePrint Archive,Report 2003/066.

[OP01]

T. Okamoto, D. Pointcheval, "The Gap-Problems: a New Class of Problems for the Security of Cryptographic Schemes,"Practice and Theory in Public Key Cryptography -- PKC'2001 Lecture Notes on Computer Science 1992, Springer-Verlag (2001), pp. 104--118.

[P02a]

K. G. Paterson, "ID-based signatures from pairings on elliptic curves,"Electronics Letters 38(18) (2002), pp. 1025--1026. See also Cryptology ePrint Archive,Report 2002/004.

[P02b]

K. G. Paterson, "Cryptography from pairings: a snapshot of current research," Information Security Technical Report 7(3) (2002), pp. 41--54.

[PS02]

D. Page, N. P. Smart, "Hardware implementation of finite fields of characteristic three,"Cryptographic Hardware and Embedded Systems -- CHES'2002, Springer-Verlag (2003), pp. 529--539.

[PSV04]

D. Page, N. P. Smart, F. Vercauteren, "A comparison of MNT curves and supersingular curves," Cryptology ePrint Archive,Report 2004/165.

[RS02]

K. Rubin, A. Silverberg, "Supersingular abelian varieties in cryptology,"Advances in Cryptology -- Crypto'2002,Lecture Notes on Computer Science 2442, Springer-Verlag (2002), pp. 336--353. See also Cryptology ePrint Archive,Report 2002/006.

[RS04]

K. Rubin, A. Silverberg, "Using primitive subgroups to do more with fewer bits," Cryptology ePrint Archive,Report 2004/087.

[S98]

J. H. Silverman, "Elliptic curve discrete logarithms and the index calculus,"2nd Workshop on Elliptic Curve Cryptography -- ECC'98, September 14--16, 1998.

[S01]

N. P. Smart, "An Identity Based Authenticated Key Agreement Protocol Based on the Weil Pairing,"Electronics Letters 38 (2002), pp. 630--632. See also Cryptology ePrint Archive,Report 2001/111.

[S02a]

M. Scott, "Authenticated ID-based Key Exchange and remote log-in with insecure token and PIN number," Cryptology ePrint Archive,Report 2002/164.

[S02c]

N. P. Smart, "Access control using pairing based cryptography,"Topics in Cryptology -- CT-RSA 2003,Lecture Notes on Computer Science 2612, Springer-Verlag (2003), pp. 111--121.Published version.

[S03a]

K. Shim, "Efficient one-round tripartite authenticated key agreement protocol from the Weil pairing,"Electronics Letters 39 (2003), pp. 208--209.

[S03b]

K. Shim, "Efficient ID-based authenticated key agreement protocol from the Weil pairing,"Electronics Letters 39 (2003), pp. 653--654.

[S03c]

K. Shim, "A Man-in-the-middle attack on Nalla-Reddy's ID-based Tripartite Authenticated Key Agreement Protocol," Cryptology ePrint Archive,Report 2003/115.

[S03d]

K. Shim, "Cryptanalysis of Al-Riyami-Paterson's Authenticated Three Party Key Agreement Protocols," Cryptology ePrint Archive,Report 2003/122.

[S03e]

J. A. Solinas, "ID-based Digital Signature Algorithms,"7th Workshop on Elliptic Curve Cryptography -- ECC'2003,slide presentation.

[S04]

M. Scott, "Cryptanalysis of an ID-based Password Authentication Scheme using Smart Cards and Fingerprints," Cryptology ePrint Archive,Report 2004/017.

[SB04a]

M. Scott, P. S. L. M. Barreto, "Compressed Pairings,"Advances in Cryptology -- Crypto'2004,Lecture Notes on Computer Science, Springer-Verlag (2004), to appear. See also Cryptology ePrint Archive,Report 2004/032.

[SB04b]

M. Scott, P. S. L. M. Barreto, "Generating more MNT elliptic curves," Cryptology ePrint Archive,Report 2004/058.

[SBWP03]

R. Steinfeld, L. Bull, H. Wang, J. Pieprzyk, "Universal Designated-Verifier Signatures,"Advances in Cryptology -- Asiacrypt'2003,Lecture Notes on Computer Science 2894, Springer-Verlag (2004), pp 523--542.

[SD03]

D. K. Smetters, G. Durfee, "Domain-Based Administration of Identity-Based Cryptosystems for Secure Email and IPSEC," 12th USENIX Security Symposium, Washington, DC, 2003, to appear.Full version.

[SK03]

R. Sakai, M. Kasahara, "ID based Cryptosystems with Pairing on Elliptic Curve," Cryptology ePrint Archive,Report 2003/054.

[SH03]

H.-M. Sun, B.-T. Hsieh, "Security Analysis of Shim's Authenticated Key Agreement Protocols from Pairings," Cryptology ePrint Archive,Report 2003/113.

[SOK00]

R. Sakai, K. Ohgishi, M. Kasahara, "Cryptosystems based on pairing,"2000 Symposium on Cryptography and Information Security (SCIS2000), Okinawa, Japan, Jan. 26--28, 2000.

[SU01]

T. Saito, S. Uchiyama, "A Remark on the MOV Algorithm for Non-supersingular Elliptic Curves,"IEICE Transactions on Fundamentals E84-A(5) (2001), pp. 1266--1268.Full version.

[SZM04]

W. Susilo, F. Zhang, Y. Mu, "Identity-based Strong Designated Verifier Signature Schemes,"Proceedings of ACISP'04,Lecture Notes on Computer Science, Springer-Verlag, to appear.

[TSZ03]

V. D. T�, R. Safavi-Naini, F. Zhang, "New Traitor Tracing Schemes Using Bilinear Map",2003 ACM Workshop on Digital Rights Management (DRM 2003), Washington DC, USA, Oct. 2003, pp. 67--76.

[TYW04]

R. Tamassia, D. Yao, and W. H. Winsborough, "Role-Based Cascaded Delegation,"ACM Symposium on Access Control Models and Technologies -- SACMAT'2004, Yorktown Heights, USA, ACM Press, to appear.

[V01]

E. Verheul, "Self-blindable Credential Certificates from the Weil Pairing,"Advances in Cryptology -- Asiacrypt'2001,Lecture Notes on Computer Science 2248, Springer-Verlag (2002), pp. 533--551.

[VZK03]

D. L. Vo, F. Zhang, K. Kim, "A New Threshold Blind Signature Scheme from Pairings,"2003 Symposium on Cryptography and Information Security (SCIS2003), Itaya, Japan, Jan. 26--29, 2003, vol. 1/2, pp. 233--238.

[W04a]

B. R. Waters, "Efficient Identity-Based Encryption Without Random Oracles," Cryptology ePrint Archive,Report 2004/180.

[W04b]

V. K. Wei, "A Bilinear Spontaneous Anonymous Threshold Signature for Ad Hoc Groups," Cryptology ePrint Archive,Report 2004/039.

[XZCK03]

Y. Xie, F. Zhang, X. Chen, K. Kim, "ID-based Distributed `Magic Ink' Signature from Pairings,"Information and Communications Security -- ICICS'2003,Lecture Notes on Computer Science 2836, Springer-Verlag (2003), pp. 249--259.

[Y02]

Y. Yacobi, "A Note on the Bilinear Diffie-Hellman Assumption," Cryptology ePrint Archive,Report 2002/113.

[Y03a]

X. Yi, "Efficient ID-based key agreement from the Weil pairing,"IEE Electronics Letters 39(2) (2003), pp. 206--208.

[Y03b]

X. Yi, "An identity-based signature scheme from the Weil pairing,"IEEE Communications Letters 7(2) (2003), pp. 76--78.

[YL03]

D. Yao, A. Lysyanskaya, "Forward-Secure Hierarchical ID-Based Cryptography," Cryptology ePrint Archive,Report 2003/149.

[YW04]

T. H. Yuen, V. K. Wei, "Fast and Proven Secure Blind Identity-Based Signcryption from Pairings," Cryptology ePrint Archive,Report 2004/121.

[ZC03]

F. Zhang, X. Chen, "Attack on Two ID-based Authenticated Group Key Agreement Schemes," Cryptology ePrint Archive,Report 2003/259.

[ZC04]

F. Zhang, X. Chen, "Attack on an ID-based Authenticated Group Key Agreement Scheme from PKC'2004,"Electronics Letters, to appear.

[ZK02a]

F. Zhang, K. Kim, "ID-based blind signature and ring signature from pairings,"Advances in Cryptology -- Asiacrypt'2002,Lecture Notes on Computer Science 2501, Springer-Verlag (2002), pp. 533--547.

[ZK02b]

F. Zhang, K. Kim, "Signature-Masked Authentication Using the Bilinear Pairings," Cryptology & Information Security Laboratory (CAIS), Information and Communications University,technical report, 2002.

[ZK03]

F. Zhang, K. Kim, "Efficient ID-Based Blind Signature and Proxy Signature from Bilinear Pairings,"8thAustralasian Conference on Information Security and Privacy -- ACISP'2003(July 2003, Wollongong, Australia),Lecture Notes on Computer Science 2727, Springer-Verlag (2003), pp. 312--323.

[ZLK02]

F. Zhang, S. Liu, K. Kim, "ID-Based One Round Authenticated Tripartite Key Agreement Protocol with Pairings," Cryptology ePrint Archive,Report 2002/122.

[ZSL03]

F. Zhang, R. Safavi-Naini, C.-Y. Lin, "New Proxy Signature, Proxy Blind Signature and Proxy Ring Signature Schemes from Bilinear Pairing," Cryptology ePrint Archive,Report 2003/104.

[ZSS03a]

F. Zhang, R. Safavi-Naini, W. Susilo, "Attack on Han et al.'s ID-based Confirmer (Undeniable) Signature at ACM-EC'03," Cryptology ePrint Archive,Report 2003/129.

[ZSS03b]

F. Zhang, R. Safavi-Naini, W. Susilo, "ID-Based Chameleon Hashes from Bilinear Pairings," Cryptology ePrint Archive,Report 2003/208.

[ZSS04a]

F. Zhang, R. Safavi-Naini, W. Susilo, "Efficient Verifiably Encrypted Signature and Partially Blind Signature from Bilinear Pairings,"Progress in Cryptology -- Indocrypt'2003,Lecture Notes on Computer Science 2904, Springer-Verlag (2003), pp. 191--204. See also Cryptology ePrint Archive,Report 2004/004.

[ZSS04b]

F. Zhang, R. Safavi-Naini, W. Susilo, "An Efficient Signature Scheme from Bilinear Pairings and Its Applications,"Practice and Theory in Public Key Cryptography -- PKC'2004, Singapore(SG), March 2004,Lecture Notes on Computer Science 2947, Springer-Verlag (2004), pp. 277--290.

[ZXF03]

Z.-F. Zhang, J. Xu, D.-G. Feng, "Attack on an Identification Scheme Based on Gap Diffie-Hellman Problem," Cryptology ePrint Archive,Report 2003/153.

Back to main page

Visits between 2002.09.13 and 2008.11.19:

Visits since 2008.11.19:

Last update: 2008.11.19
Copyright � 2002, 2008 by Paulo S. L. M. Barreto. All rights reserved.