Sciweavers

ASIACRYPT
2000
Springer

Towards Signature-Only Signature Schemes

14 years 3 months ago
Towards Signature-Only Signature Schemes
We consider a problem which was stated in a request for comments made by NIST in the FIPS97 document. The question is the following: Can we have a digital signature public key infrastructure where the public (signature verification) keys cannot be abused for performing encryption? This may be applicable in the context of, say, exportable/escrow cryptography. The basic dilemma is that on the one hand, (1) to avoid framing by potentially misbehaving authorities we do not want them to ever learn the “signing keys” (e.g., Japan at some point declared a policy where signature keys may be required to be escrowed), and on the other hand (2) if we allow separate inaccessible public signature verification keys, these keys (based on trapdoor functions) can be used as “shadow public-keys,” and hence can be used to encrypt data in an unrecoverable manner. Any solution within the “trapdoor function” paradigm of Diffie and Hellman does not seem to lead to a solution which will simultan...
Adam Young, Moti Yung
Added 02 Aug 2010
Updated 02 Aug 2010
Type Conference
Year 2000
Where ASIACRYPT
Authors Adam Young, Moti Yung
Comments (0)