163 research outputs found
Adversarial Wiretap Channel with Public Discussion
Wyner's elegant model of wiretap channel exploits noise in the communication
channel to provide perfect secrecy against a computationally unlimited
eavesdropper without requiring a shared key. We consider an adversarial model
of wiretap channel proposed in [18,19] where the adversary is active: it
selects a fraction of the transmitted codeword to eavesdrop and a
fraction of the codeword to corrupt by "adding" adversarial error. It
was shown that this model also captures network adversaries in the setting of
1-round Secure Message Transmission [8]. It was proved that secure
communication (1-round) is possible if and only if .
In this paper we show that by allowing communicants to have access to a
public discussion channel (authentic communication without secrecy) secure
communication becomes possible even if . We formalize the
model of \awtppd protocol and for two efficiency measures, {\em information
rate } and {\em message round complexity} derive tight bounds. We also
construct a rate optimal protocol family with minimum number of message rounds.
We show application of these results to Secure Message Transmission with Public
Discussion (SMT-PD), and in particular show a new lower bound on transmission
rate of these protocols together with a new construction of an optimal SMT-PD
protocol
Construction of universal designated-verifier signatures and identity-based signatures from standard signatures
We give a generic construction for universal designated-verifier signature schemes from a large class, C, of signature schemes. The resulting schemes are efficient and have two important properties. Firstly, they are provably DV-unforgeable, non-transferable and also non-delegatable. Secondly, the signer and the designated verifier can independently choose their cryptographic settings. We also propose a generic construction for identity-based signature schemes from any signature scheme in C and prove that the construction is secure against adaptive chosen message and identity attacks. We discuss possible extensions of our constructions to universal multi-designated-verifier signatures, hierarchical identity-based signatures, identity-based universal designated verifier signatures, and identity-based ring signatures from any signature in C
- β¦