, Public-Key Encryption in the Bounded-Retrieval Model, LNCS, vol.6110, pp.113-134, 2010.
DOI : 10.1007/978-3-642-13190-5_6
, New paradigms for digital signatures and message authentication based on non-interative zero knowledge proofs, CRYPTO'89, pp.194-211, 1989.
, Simulation without the Artificial Abort: Simplified Proof and Improved Concrete Security for Waters??? IBE Scheme, LNCS, vol.14, issue.4, pp.407-424, 2009.
DOI : 10.1007/11426639_7
, Tightly-secure signatures from chameleon hash functions. unpublished, p.2013
, Identity-based encryption from the Weil pairing, LNCS, vol.2139, pp.213-229, 2001.
, Shorter IBE and Signatures via Asymmetric Pairings, PAIRING 2012, pp.122-140, 2012.
DOI : 10.1007/978-3-642-36334-4_8
, Fully, (Almost) Tightly Secure IBE and Dual System Groups, CRYPTO 2013, Part II, pp.435-460, 2013.
DOI : 10.1007/978-3-642-40084-1_25
, An Identity Based Encryption Scheme Based on Quadratic Residues, 8th IMA International Conference on Cryptography and Coding, pp.360-363
DOI : 10.1007/3-540-45325-3_32
, A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack, LNCS, vol.1462, issue.98, pp.13-25
DOI : 10.1007/BFb0055717
, Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption, LNCS, vol.2332, pp.45-64, 2002.
DOI : 10.1007/3-540-46035-7_4
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.21.6205
, Message Authentication, Revisited, EUROCRYPT 2012, pp.355-374, 2012.
DOI : 10.1007/978-3-642-29011-4_22
, An algebraic framework for Diffie-Hellman assumptions, CRYPTO 2013, Part II, pp.129-147, 2013.
, Hierarchical ID-Based Cryptography, ASI- ACRYPT 2002, pp.548-566, 2002.
DOI : 10.1007/3-540-36178-2_34
, Efficient Non-interactive Proof Systems for Bilinear Groups, LNCS, vol.4965, pp.415-432, 2008.
DOI : 10.1007/978-3-540-78967-3_24
, Tightly secure signatures and public-key encryption, CRYPTO 2012, pp.590-607, 2012.
, Shorter Quasi-Adaptive NIZK Proofs for Linear Subspaces, ASIACRYPT 2013, Part I, pp.1-20, 2013.
DOI : 10.1007/s00145-016-9243-7
, Identity-based signatures, 2009.
, A New Randomness Extraction Paradigm for Hybrid Encryption, LNCS, vol.28, issue.4, pp.590-609, 2009.
DOI : 10.1007/BFb0054019
, Tools for Simulating Features of Composite Order Bilinear Groups in the Prime Order Setting, EUROCRYPT 2012, pp.318-335, 2012.
DOI : 10.1007/978-3-642-29011-4_20
, Why Proving HIBE Systems Secure Is Difficult, EUROCRYPT 2014, pp.58-76, 2014.
DOI : 10.1007/978-3-642-55220-5_4
, Number-theoretic constructions of efficient pseudo-random functions, 38th FOCS, pp.458-467, 1997.
, On the construction of pseudo-random permutations, Proceedings of the twenty-ninth annual ACM symposium on Theory of computing , STOC '97, pp.189-199, 1997.
DOI : 10.1145/258533.258581
, Cryptosystems based on pairing, SCIS 2000, 2000.
, Identity-Based Cryptosystems and Signature Schemes, CRYPTO'84, pp.47-53, 1984.
DOI : 10.1007/3-540-39568-7_5
, Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions, LNCS, vol.5677, pp.619-636, 2009.
DOI : 10.1007/978-3-642-03356-8_36
, Efficient Identity-Based Encryption Without Random Oracles, LNCS, vol.3494, pp.114-127, 2005.
DOI : 10.1007/11426639_7
, Dual System Encryption via Predicate Encodings, LNCS, vol.2014, issue.8349, pp.616-637, 2014.
DOI : 10.1007/978-3-642-54242-8_26
URL : https://hal.archives-ouvertes.fr/hal-01094703
, The security proof from Section 3 can be easily adapted to show both schemes are SPR-CMA secure. Here we just outline the ideas. For MAC NR [D k ], we first use the Q-fold D k -MDDH assumption to make the answers all Eval queries random; next, we store a list of (h 0 [·], h 1 [·]) values to make the output of Chal(m * ) random and consistent with Eval(m * ) One can also adapt the proof of MAC HPS
, 8 There exists an adversary B 1 with T(B 1 ) ? T(A) and Adv D k ,GGen (B 1 ) ? | Pr
, 10 There exists an adversary B 2 with T(B 2 ) ? T(A) and Adv spr-cma MAC (B 2 ) ? | Pr