{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T18:33:49Z","timestamp":1772908429057,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":40,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783662498958","type":"print"},{"value":"9783662498965","type":"electronic"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-662-49896-5_29","type":"book-chapter","created":{"date-parts":[[2016,4,27]],"date-time":"2016-04-27T04:45:32Z","timestamp":1461732332000},"page":"822-851","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":14,"title":["Automated Unbounded Analysis of Cryptographic Constructions in the Generic Group Model"],"prefix":"10.1007","author":[{"given":"Miguel","family":"Ambrona","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gilles","family":"Barthe","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Benedikt","family":"Schmidt","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,4,28]]},"reference":[{"key":"29_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"209","DOI":"10.1007\/978-3-642-14623-7_12","volume-title":"Advances in Cryptology \u2013 CRYPTO 2010","author":"M Abe","year":"2010","unstructured":"Abe, M., Fuchsbauer, G., Groth, J., Haralambiev, K., Ohkubo, M.: Structure-preserving signatures and commitments to group elements. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 209\u2013236. Springer, Heidelberg (2010)"},{"key":"29_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"649","DOI":"10.1007\/978-3-642-22792-9_37","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"M Abe","year":"2011","unstructured":"Abe, M., Groth, J., Haralambiev, K., Ohkubo, M.: Optimal structure-preserving signatures in asymmetric bilinear groups. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 649\u2013666. Springer, Heidelberg (2011)"},{"key":"29_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1007\/978-3-662-44371-2_14","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"M Abe","year":"2014","unstructured":"Abe, M., Groth, J., Ohkubo, M., Tango, T.: Converting cryptographic schemes from symmetric to asymmetric bilinear groups. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 241\u2013260. Springer, Heidelberg (2014)"},{"key":"29_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"390","DOI":"10.1007\/978-3-662-44371-2_22","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"M Abe","year":"2014","unstructured":"Abe, M., Groth, J., Ohkubo, M., Tibouchi, M.: Structure-preserving signatures from type II pairings. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 390\u2013407. Springer, Heidelberg (2014)"},{"key":"29_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"688","DOI":"10.1007\/978-3-642-54242-8_29","volume-title":"Theory of Cryptography","author":"M Abe","year":"2014","unstructured":"Abe, M., Groth, J., Ohkubo, M., Tibouchi, M.: Unified, minimal and selectively randomizable structure-preserving signatures. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 688\u2013712. Springer, Heidelberg (2014)"},{"key":"29_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1007\/978-3-662-46803-6_2","volume-title":"Advances in Cryptology - EUROCRYPT 2015","author":"M Abe","year":"2015","unstructured":"Abe, M., Kohlweiss, M., Ohkubo, M., Tibouchi, M.: Fully structure-preserving signatures and shrinking commitments. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 35\u201365. Springer, Heidelberg (2015)"},{"key":"29_CR7","doi-asserted-by":"crossref","unstructured":"Akinyele, J.A., Garman, C., Hohenberger, S.: Automating fast and secure translations from type-I to type-III pairing schemes. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, pp. 1370\u20131381. ACM, New York (2015)","DOI":"10.1145\/2810103.2813601"},{"key":"29_CR8","doi-asserted-by":"crossref","unstructured":"Akinyele, J.A., Green, M., Hohenberger, S.: Using SMT solvers to automate design tasks for encryption, signature schemes. In: Sadeghi, A.-R., Gligor, V.D., Yung, M. (eds.) 20th Conference on Computer and Communications Security, ACM CCS 2013, 4\u20138 November 2013, Berlin, Germany, pp. 399\u2013410. ACM Press (2011)","DOI":"10.1145\/2508859.2516718"},{"key":"29_CR9","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"385","DOI":"10.1007\/978-3-540-25984-8_29","volume-title":"Automated Reasoning","author":"G Barthe","year":"2004","unstructured":"Barthe, G., Cederquist, J., Tarento, S.: A machine-checked formalization of the generic model and the random oracle model. In: Basin, D., Rusinowitch, M. (eds.) IJCAR 2004. LNCS (LNAI), vol. 3097, pp. 385\u2013399. Springer, Heidelberg (2004)"},{"key":"29_CR10","doi-asserted-by":"crossref","unstructured":"Barthe, G., Crespo, J.M., Gr\u00e9goire, B., Kunz, C., Lakhnech, Y., Schmidt, B., Zanella B\u00e9guelin, S.: Fully automated analysis of padding-based encryption in the computational model. In: Sadeghi, A.-R., Gligor, V.D., Yung, M. (eds.) 20th Conference on Computer and Communications Security, ACM CCS 2013, 4\u20138 November 2013, Berlin, Germany, pp. 1247\u20131260. ACM Press (2011)","DOI":"10.1145\/2508859.2516663"},{"key":"29_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1007\/978-3-662-44371-2_6","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"G Barthe","year":"2014","unstructured":"Barthe, G., Fagerholm, E., Fiore, D., Mitchell, J., Scedrov, A., Schmidt, B.: Automated analysis of cryptographic assumptions in generic group models. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 95\u2013112. Springer, Heidelberg (2014)"},{"key":"29_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"355","DOI":"10.1007\/978-3-662-46447-2_16","volume-title":"Public-Key Cryptography \u2013 PKC 2015","author":"G Barthe","year":"2015","unstructured":"Barthe, G., Fagerholm, E., Fiore, D., Scedrov, A., Schmidt, B., Tibouchi, M.: Strongly-optimal structure preserving signatures from type\u00a0II pairings: synthesis and lower bounds. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 355\u2013376. Springer, Heidelberg (2015)"},{"key":"29_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1007\/978-3-642-22792-9_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"G Barthe","year":"2011","unstructured":"Barthe, G., Gr\u00e9goire, B., Heraud, S., B\u00e9guelin, S.Z.: Computer-aided security proofs for the working cryptographer. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 71\u201390. Springer, Heidelberg (2011)"},{"key":"29_CR14","doi-asserted-by":"crossref","unstructured":"Barthe, G., Gr\u00e9goire, B., Schmidt, B.: Automated proofs of pairing-based cryptography. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 12\u201316 October 2015, Denver, CO, USA, pp. 1156\u20131168 (2015)","DOI":"10.1145\/2810103.2813697"},{"key":"29_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/11617990_3","volume-title":"Types for Proofs and Programs","author":"G Barthe","year":"2006","unstructured":"Barthe, G., Tarento, S.: A machine-checked formalization of the random oracle model. In: Filli\u00e2tre, J.-C., Paulin-Mohring, C., Werner, B. (eds.) TYPES 2004. LNCS, vol. 3839, pp. 33\u201349. Springer, Heidelberg (2006)"},{"key":"29_CR16","doi-asserted-by":"crossref","unstructured":"Blanchet, B.: A computationally sound mechanized prover for security protocols. In: IEEE Symposium on Security and Privacy, 21\u201324 May 2006, Berkeley, California, USA, pp. 140\u2013154. IEEE Computer Society Press (2006)","DOI":"10.1109\/SP.2006.1"},{"key":"29_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"440","DOI":"10.1007\/11426639_26","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"D Boneh","year":"2005","unstructured":"Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440\u2013456. Springer, Heidelberg (2005)"},{"key":"29_CR18","doi-asserted-by":"crossref","unstructured":"Chase, M., Meiklejohn, S., Zaverucha, G.: Algebraic MACs, keyed-verification anonymous credentials. In: Ahn, G.-J., Yung, M., Li, N. (eds.) 21st Conference on Computer and Communications Security, ACM CCS 2014, 3\u20137 November 2014, Scottsdale, AZ, USA, pp. 1205\u20131216. ACM Press (2011)","DOI":"10.1145\/2660267.2660328"},{"key":"29_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"286","DOI":"10.1007\/978-3-662-48797-6_13","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2015","author":"S Chatterjee","year":"2015","unstructured":"Chatterjee, S., Menezes, A.: Type 2 structure-preserving signature schemes revisited. In: Iwata, T., et al. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 286\u2013310. Springer, Heidelberg (2015). doi:\n                    10.1007\/978-3-662-48797-6_13"},{"key":"29_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1007\/978-3-540-78800-3_24","volume-title":"Tools and Algorithms for the Construction and Analysis of Systems","author":"L Moura de","year":"2008","unstructured":"de Moura, L., Bj\u00f8rner, N.S.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337\u2013340. Springer, Heidelberg (2008)"},{"key":"29_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-642-40084-1_8","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"A Escala","year":"2013","unstructured":"Escala, A., Herold, G., Kiltz, E., R\u00e0fols, C., Villar, J.: An algebraic framework for Diffie-Hellman assumptions. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 129\u2013147. Springer, Heidelberg (2013)"},{"key":"29_CR22","unstructured":"Fagerholm, E.: Automated analysis in generic groups. Ph.D. thesis, University of Pennsylvania (2015)"},{"key":"29_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1007\/978-3-642-13190-5_3","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2010","author":"DM Freeman","year":"2010","unstructured":"Freeman, D.M.: Converting pairing-based cryptosystems from composite-order groups to prime-order groups. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 44\u201361. Springer, Heidelberg (2010)"},{"key":"29_CR24","unstructured":"Fuchsbauer, G.: Breaking existential unforgeability of a signature scheme from asiacrypt 2014. Cryptology ePrint Archive, Report 2014\/892 (2014). \n                    http:\/\/eprint.iacr.org\/2014\/892"},{"key":"29_CR25","unstructured":"Fuchsbauer, G., Hanser, C., Slamanig, D.: EUF-CMA-secure structure-preserving signatures on equivalence classes. Cryptology ePrint Archive, Report 2014\/944 (2014). \n                    http:\/\/eprint.iacr.org\/2014\/944"},{"key":"29_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"239","DOI":"10.1007\/978-3-662-48797-6_11","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2015","author":"J Groth","year":"2015","unstructured":"Groth, J.: Efficient fully structure-preserving signatures for large messages. In: Iwata, T., et al. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 239\u2013259. Springer, Heidelberg (2015). doi:\n                    10.1007\/978-3-662-48797-6_11"},{"key":"29_CR27","doi-asserted-by":"crossref","unstructured":"Hoang, V.T., Katz, J., Malozemoff, A.J.: Automated analysis and synthesis of authenticated encryption schemes. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 12\u201316 October 2015, Denver, CO, USA, pp. 84\u201395 (2015)","DOI":"10.1145\/2810103.2813636"},{"key":"29_CR28","doi-asserted-by":"crossref","unstructured":"Hwang, J.Y., Lee, D.H., Yung, M.: Universal forgery of the identity-based sequential aggregate signature scheme. In: Li, W., Susilo, W., Tupakula, U.K., Safavi-Naini, R., Varadharajan, V. (eds.) 4th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2009, 10\u201312 March 2009, Sydney, Australia, pp. 157\u2013160. ACM Press (2011)","DOI":"10.1145\/1533057.1533080"},{"key":"29_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"200","DOI":"10.1007\/978-3-540-88733-1_14","volume-title":"Provable Security","author":"T Jager","year":"2008","unstructured":"Jager, T., Schwenk, J.: On the equivalence of generic group models. In: Baek, J., Bao, F., Chen, K., Lai, X. (eds.) ProvSec 2008. LNCS, vol. 5324, pp. 200\u2013209. Springer, Heidelberg (2008)"},{"key":"29_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"184","DOI":"10.1007\/3-540-46513-8_14","volume-title":"Selected Areas in Cryptography SAC 1999","author":"A Lysyanskaya","year":"2000","unstructured":"Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym systems. In: Heys, H., Adams, C. (eds.) SAC 1999. LNCS, vol. 1758, pp. 184\u2013199. Springer, Heidelberg (2000)"},{"key":"29_CR31","doi-asserted-by":"crossref","unstructured":"Malozemoff, A.J., Katz, J., Green, M.D.: Automated analysis and synthesis of block-cipher modes of operation. In: IEEE 27th Computer Security Foundations Symposium, CSF 2014, 19\u201322 July 2014, Vienna, Austria, pp. 140\u2013152 (2014)","DOI":"10.1109\/CSF.2014.18"},{"key":"29_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11586821_1","volume-title":"Cryptography and Coding","author":"UM Maurer","year":"2005","unstructured":"Maurer, U.M.: Abstract models of computation in cryptography. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 1\u201312. Springer, Heidelberg (2005)"},{"issue":"2","key":"29_CR33","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/BF02113297","volume":"55","author":"V Nechaev","year":"1994","unstructured":"Nechaev, V.: Complexity of a determinate algorithm for the discrete logarithm. Math. Notes 55(2), 165\u2013172 (1994)","journal-title":"Math. Notes"},{"key":"29_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/978-3-319-29485-8_7","volume-title":"Topics in Cryptology - CT-RSA 2016","author":"D Pointcheval","year":"2016","unstructured":"Pointcheval, D., Sanders, O.: Short randomizable signatures. In: Sako, K. (ed.) CT-RSA 2016. LNCS, vol. 9610, pp. 111\u2013126. Springer, Heidelberg (2016)"},{"key":"29_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"489","DOI":"10.1007\/978-3-540-89255-7_30","volume-title":"Advances in Cryptology - ASIACRYPT 2008","author":"A Rupp","year":"2008","unstructured":"Rupp, A., Leander, G., Bangerter, E., Dent, A.W., Sadeghi, A.-R.: Sufficient conditions for intractability over black-box groups: generic lower bounds for generalized DL and DH problems. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 489\u2013505. Springer, Heidelberg (2008)"},{"key":"29_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-45600-7_1","volume-title":"Information and Communications Security","author":"C-P Schnorr","year":"2001","unstructured":"Schnorr, C.-P.: Security of blind discrete log signatures against interactive attacks. In: Qing, S., Okamoto, T., Zhou, J. (eds.) ICICS 2001. LNCS, vol. 2229, pp. 1\u201312. Springer, Heidelberg (2001)"},{"key":"29_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1007\/3-540-44448-3_7","volume-title":"Advances in Cryptology - ASIACRYPT 2000","author":"C-P Schnorr","year":"2000","unstructured":"Schnorr, C.-P., Jakobsson, M.: Security of signed ElGamal encryption. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 73\u201389. Springer, Heidelberg (2000)"},{"key":"29_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","volume-title":"Advances in Cryptology - EUROCRYPT \u201997","author":"V Shoup","year":"1997","unstructured":"Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256\u2013266. Springer, Heidelberg (1997)"},{"key":"29_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"166","DOI":"10.1007\/11889663_14","volume-title":"Financial Cryptography and Data Security","author":"M Szydlo","year":"2006","unstructured":"Szydlo, M.: A note on chosen-basis decisional Diffie-Hellman assumptions. In: Di Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol. 4107, pp. 166\u2013170. Springer, Heidelberg (2006)"},{"key":"29_CR40","unstructured":"The Sage Developers. Sage Mathematics Software (Version 6.8) (2015). \n                    http:\/\/www.sagemath.org"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2016"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-49896-5_29","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,28]],"date-time":"2020-04-28T00:05:43Z","timestamp":1588032343000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-49896-5_29"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783662498958","9783662498965"],"references-count":40,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-49896-5_29","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"28 April 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}