Short Signatures from the Weil Pairing
Citations
7,083 citations
5,110 citations
Cites methods from "Short Signatures from the Weil Pair..."
...We note that the signature scheme derived from our IBE system has some interesting properties [6]....
[...]
2,893 citations
Cites methods from "Short Signatures from the Weil Pair..."
...Constructive applications of supersingular curves (and bilinear maps in general) include the three-party one-round Diffie-Hellman protocol of Joux [227], the identity-based public-key encryption scheme of Boneh and Franklin [58, 59], the hierarchical identity-based encryption and signature schemes of Horwitz and Lynn [199] and Gentry and Silverberg [170], the short signature scheme of Boneh, Lynn and Shacham [62], the aggregate signature scheme of Boneh, Gentry, Lynn and Shacham [60], the self-blindable certificate scheme of Verheul [472], and the efficient provably secure signature scheme of Boneh, Mironov and Shoup [63]....
[...]
2,188 citations
Cites methods from "Short Signatures from the Weil Pair..."
...For example, the signatures in the scheme of Boneh, Lynn, Shacham [7] correspond to private keys of the Boneh-Franklin IBE system....
[...]
1,859 citations
References
13,597 citations
"Short Signatures from the Weil Pair..." refers methods in this paper
...Using standard secret sharing techniques [41], our signature scheme gives a robust t-out-of-n threshold signature [10]....
[...]
...Generic: Generic discrete log algorithms such as Baby-Step-Giant-Step and Pollard’s Rho method [41] have a running time proportional to √ p log p....
[...]
5,313 citations
Additional excerpts
...The security analysis views H as a random oracle [7, 8]....
[...]
5,110 citations
"Short Signatures from the Weil Pair..." refers background or methods in this paper
...See [40, 11] for a definition of the Weil pairing and a description of the algorithm for computing it....
[...]
...The first example of such groups was given in [34] and was used in [33, 11]....
[...]
4,680 citations
3,150 citations
"Short Signatures from the Weil Pair..." refers background in this paper
...Existential unforgeability under a chosen message attack [31] for a signature scheme (KeyGen, Sign, and Verify) is defined using the following game between a challenger and an adversary A:...
[...]