Oblivious signature-based envelope

9 years 11 months ago
Oblivious signature-based envelope
We propose a new cryptographic primitive called oblivious signaturebased envelope (OSBE). Informally, an OSBE scheme enables a sender to send an envelope (encrypted message) to a receiver, and has the following two properties: (1) The receiver can open the envelope if and only if it has a third party’s (e.g., a certification authority’s) signature on an agreed-upon message. (2) The sender does not learn whether the receiver has the signature or not. We show that OSBE can be used to break policy cycles in automated trust negotiation (ATN) and to achieve oblivious access control. We develop a provably secure and efficient OSBE protocol for certificates signed using RSA signatures, as well as provably secure and efficient one-round OSBE protocols for Rabin and BLS signatures from recent constructions for identity-based encryption. We also present constructions for ∗ Invited submission to the journal Distributed Computing, special issue of selected papers of PODC 2003. Prelimina...
Ninghui Li, Wenliang Du, Dan Boneh
Added 05 Jul 2010
Updated 05 Jul 2010
Type Conference
Year 2003
Where PODC
Authors Ninghui Li, Wenliang Du, Dan Boneh
Comments (0)