کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
429048 | 687015 | 2011 | 6 صفحه PDF | دانلود رایگان |
Convertible authenticated encryption (CAE) schemes allow a signer to produce an authenticated ciphertext such that only a designated recipient can decrypt it and verify the recovered signature. The conversion property further enables the designated recipient to reveal an ordinary signature for dealing with a later dispute over repudiation. Based on the ElGamal cryptosystem, in 2009, Lee et al. proposed a CAE scheme with only heuristic security analyses. In this paper, we will demonstrate that their scheme is vulnerable to the chosen-plaintext attack and then further propose an improved variant. Additionally, in the random oracle model, we prove that the improved scheme achieves confidentiality against indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2) and unforgeability against existential forgery under adaptive chosen-message attacks (EF-CMA).
► We demonstrated that Lee et al.ʼs scheme is vulnerable to the chosen-plaintext attack.
► We proposed an improved variant to withstand our proposed attack.
► The proposed scheme achieves confidentiality under IND-CCA2.
► The proposed scheme achieves unforgeability under EF-CMA.
Journal: Information Processing Letters - Volume 111, Issue 13, 1 July 2011, Pages 661–666