A nominative signature scheme allows a nominator (i.e. the signer) and a nominee (i.e. a designated verifier) to jointly generate and publish a signature so that only the nominee ...
A leakage-resilient cryptosystem remains secure even if arbitrary, but bounded, information about the secret key (or possibly other internal state information) is leaked to an adv...
In 1998, Blaze, Bleumer, and Strauss suggested a cryptographic primitive termed proxy re-signature in which a proxy transforms a signature computed under Alice's secret key in...
xtended abstract which appears in the 2011 International Conference on Theory and Practice in Public Key Cryptography PKC 2011 (6–9 march 2011, Taormina, Italy) D. Catalano, N. F...
Olivier Blazy, Georg Fuchsbauer, David Pointcheval...
In a traditional signature scheme, a signature on a message m is issued under a public key PK, and can be interpreted as follows: "The owner of the public key PK and its corr...