TY - JOUR
T1 - Improvement of convertible authenticated encryption schemes and its multiple recipients version
AU - Chang, Ting-Yi
AU - Yang, Chou Chen
AU - Hwang, Min Shiang
PY - 2012/12/1
Y1 - 2012/12/1
N2 - A convertible authenticated encryption scheme simultaneously provides the functions of integration, authentication, confidentiality, and non-repudiation. A signer generates an au-thenticated ciphertext signature on the chosen message. So that only a designated recipient can recover the message by using her/his secret key and verify the message by using the signer's public key. If there is a dispute, the recipient is able to convert the authenticated ciphertext signature into an ordinary signature that can be verified by anyone. This paper separately points out that any adversary can forge a converted signature in Araki's scheme and Ma-Chen's scheme. Moreover, we further improve the weakness in Wu-Hsu's scheme, which is to convert the signature into an ordinary one should divulge the message. The im-proved scheme not only solves the weakness but also reduces the computational complexities in both sides of signer and recipient. Furthermore, the proposed convertible authenticated encryption scheme is extended for multiple recipients. The message can be recovered and verified by a group with multiple recipients.
AB - A convertible authenticated encryption scheme simultaneously provides the functions of integration, authentication, confidentiality, and non-repudiation. A signer generates an au-thenticated ciphertext signature on the chosen message. So that only a designated recipient can recover the message by using her/his secret key and verify the message by using the signer's public key. If there is a dispute, the recipient is able to convert the authenticated ciphertext signature into an ordinary signature that can be verified by anyone. This paper separately points out that any adversary can forge a converted signature in Araki's scheme and Ma-Chen's scheme. Moreover, we further improve the weakness in Wu-Hsu's scheme, which is to convert the signature into an ordinary one should divulge the message. The im-proved scheme not only solves the weakness but also reduces the computational complexities in both sides of signer and recipient. Furthermore, the proposed convertible authenticated encryption scheme is extended for multiple recipients. The message can be recovered and verified by a group with multiple recipients.
UR - http://www.scopus.com/inward/record.url?scp=84872832940&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84872832940&partnerID=8YFLogxK
M3 - Article
AN - SCOPUS:84872832940
VL - 6
SP - 151
EP - 162
JO - International Journal of Security and its Applications
JF - International Journal of Security and its Applications
SN - 1738-9976
IS - 4
ER -