Results 1  10
of
40,450
Sequential Aggregate Signatures from Trapdoor Homomorphic Permutations
, 2003
"... A sequential aggregate signature scheme is a digital signature that supports aggregation: A single sequential aggregate, the same length as an ordinary signature, along with the n original messages, convinces a verifier that the n users did indeed sign the n original messages (i.e., user i signed me ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
also show how to construct them from any family of homomorphic trapdoor oneway permutations; previous aggregate signatures required the use of a bilinear map. Finally, we discuss how to instantiate the scheme using the trapdoor permutations generated by the RSA function.
Sequential aggregate signatures from trapdoor permutations
 Advances in Cryptology – EUROCRYPT 2004
, 2004
"... An aggregate signature scheme (recently proposed by Boneh, Gentry, Lynn, and Shacham) is a method for combining n signatures from n different signers on n different messages into one signature of unit length. We propose sequential aggregate signatures, inwhichthesetof signers is ordered. The aggrega ..."
Abstract

Cited by 59 (3 self)
 Add to MetaCart
. The aggregate signature is computed by having each signer, in turn, add his signature to it. We show how to realize this in such a way that the size of the aggregate signature is independent of n. This makes sequential aggregate signatures a natural primitive for certificate chains, whose length can be reduced
Universal OneWay Hash Functions and their Cryptographic Applications
, 1989
"... We define a Universal OneWay Hash Function family, a new primitive which enables the compression of elements in the function domain. The main property of this primitive is that given an element x in the domain, it is computationally hard to find a different domain element which collides with x. We ..."
Abstract

Cited by 357 (15 self)
 Add to MetaCart
schemes were based on the stronger mathematical assumption that trapdoor oneway functions exist. Key words. cryptography, randomized algorithms AMS subject classifications. 68M10, 68Q20, 68Q22, 68R05, 68R10 Part of this work was done while the authors were at the IBM Almaden Research Center. The first
Short signatures from the Weil pairing
, 2001
"... Abstract. We introduce a short signature scheme based on the Computational DiffieHellman assumption on certain elliptic and hyperelliptic curves. The signature length is half the size of a DSA signature for a similar level of security. Our short signature scheme is designed for systems where signa ..."
Abstract

Cited by 743 (28 self)
 Add to MetaCart
signatures are typed in by a human or signatures are sent over a lowbandwidth channel. 1
A Digital Signature Scheme Secure Against Adaptive ChosenMessage Attacks
, 1995
"... We present a digital signature scheme based on the computational diculty of integer factorization. The scheme possesses the novel property of being robust against an adaptive chosenmessage attack: an adversary who receives signatures for messages of his choice (where each message may be chosen in a ..."
Abstract

Cited by 985 (43 self)
 Add to MetaCart
in a way that depends on the signatures of previously chosen messages) can not later forge the signature of even a single additional message. This may be somewhat surprising, since the properties of having forgery being equivalent to factoring and being invulnerable to an adaptive chosenmessage attack
Domain Theory
 Handbook of Logic in Computer Science
, 1994
"... Least fixpoints as meanings of recursive definitions. ..."
Abstract

Cited by 546 (25 self)
 Add to MetaCart
Least fixpoints as meanings of recursive definitions.
Dryad: Distributed DataParallel Programs from Sequential Building Blocks
 In EuroSys
, 2007
"... Dryad is a generalpurpose distributed execution engine for coarsegrain dataparallel applications. A Dryad application combines computational “vertices ” with communication “channels ” to form a dataflow graph. Dryad runs the application by executing the vertices of this graph on a set of availa ..."
Abstract

Cited by 730 (27 self)
 Add to MetaCart
of available computers, communicating as appropriate through files, TCP pipes, and sharedmemory FIFOs. The vertices provided by the application developer are quite simple and are usually written as sequential programs with no thread creation or locking. Concurrency arises from Dryad scheduling vertices to run
On Homomorphic Encryption and Enhanced Trapdoor Permutations
"... In this thesis we study two remotely related cryptographic primitives: homomorphic encryption and enhanced trapdoor permutations. Our main result regarding homomorphic encryption shows that any privatekey encryption scheme that is weakly homomorphic with respect to addition modulo 2, can be transfo ..."
Abstract
 Add to MetaCart
in the following sense. If i + 1 repeated applications of homomorphic operations can be applied to the privatekey scheme, then i repeated applications can be applied to the publickey scheme. In an independent part of the thesis, we study (enhanced) trapdoor permutations (TDPs). We note that in many setting
Oneway functions are necessary and sufficient for secure signatures
, 1990
"... Much research in theoretical cryptography has been centered around finding the weakest possible cryptographic assumptions required to implement major primitives. Ever since Diffie and Hellman first suggested that modern ..."
Abstract

Cited by 230 (0 self)
 Add to MetaCart
Much research in theoretical cryptography has been centered around finding the weakest possible cryptographic assumptions required to implement major primitives. Ever since Diffie and Hellman first suggested that modern
Random Oracles are Practical: A Paradigm for Designing Efficient Protocols
, 1995
"... We argue that the random oracle model  where all parties have access to a public random oracle  provides a bridge between cryptographic theory and cryptographic practice. In the paradigm we suggest, a practical protocol P is produced by first devising and proving correct a protocol P R for the ..."
Abstract

Cited by 1643 (75 self)
 Add to MetaCart
for the random oracle model, and then replacing oracle accesses by the computation of an "appropriately chosen" function h. This paradigm yields protocols much more efficient than standard ones while retaining many of the advantages of provable security. We illustrate these gains for problems including
Results 1  10
of
40,450