Top > Seminars & Events > Seminars > Cryptography Seminar


Cryptography Seminar

Hold Date
2011-02-23 10:00〜2011-02-23 12:00
Seminar Room 6, Faculty of Mathematics building, Ito Campus
Object person
Rana Barua, Indian Statistical Institute, India and Rishiraj Bhattacharyya, Indian Statistical Institute, India

1) Speaker: Professor Rana Barua, Indian Statistical Institute, India

Title: New Construction of Identity Based Signcryption Schemes

Abstract: In this paper, we show how to construct an Identity Based Signcryption Scheme (IBSC) using an Identity Based Encryption (IBE) and an Identity Based Signature (IBS) schemes. We show that the security of the IBSC scheme (indistinguishability as well as unforgeablity) is derived from the security of the underlying IBE and IBS schemes. Moreover, we show that under mild (reasonable) assumptions, the scheme is both space and time efficient compared to the Sign-then-Encrypt approach.

2) Speaker: Rishiraj Bhattacharyya, Indian Statistical Institute, India

Title: On the Impossibility of Instantiating PSS in the Standard Model

Abstract: In this paper we consider the problem of securely instantiating Probabilistic Signature Scheme (PSS) in the standard model. PSS, proposed by Bellare and Rogaway \cite{BellareR96} is a widely deployed randomized signature scheme, provably secure (\emph{unforgeable under adaptively chosen message attacks}) in Random Oracle Model. Our main result is a black-box impossibility result showing that one can not prove unforgeability of PSS against chosen message attacks using blackbox techniques even assuming existence of \emph{ideal trapdoor permutations} (a strong abstraction of trapdoor permutations which inherits all security properties of a random permutation, introduced by Kiltz and Pietrzak in Eurocrypt 2009) or the \emph{lossy trapdoor permutations} \cite{PeikertW08}. Moreover, we show \emph{onewayness}, the most common security property of a trapdoor permutation does not suffice to prove even the weakest security criteria, namely \emph{unforgeability under zero message attack}. Our negative results can easily be extended to any randomized signature scheme where one can recover the random string from a valid signature. Joint work with Avradip Mandal. To appear at PKC 2011.