{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,2]],"date-time":"2026-04-02T02:29:02Z","timestamp":1775096942444,"version":"3.50.1"},"reference-count":66,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2016,4,25]],"date-time":"2016-04-25T00:00:00Z","timestamp":1461542400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2017,7]]},"DOI":"10.1007\/s00145-016-9231-y","type":"journal-article","created":{"date-parts":[[2016,4,25]],"date-time":"2016-04-25T16:05:52Z","timestamp":1461600352000},"page":"601-671","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Reconciling Non-malleability with Homomorphic Encryption"],"prefix":"10.1007","volume":"30","author":[{"given":"Manoj","family":"Prabhakaran","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mike","family":"Rosulek","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,4,25]]},"reference":[{"key":"9231_CR1","doi-asserted-by":"crossref","unstructured":"J.\u00a0H. Ahn, D.\u00a0Boneh, J.\u00a0Camenisch, S.\u00a0Hohenberger, abhi shelat, and B.\u00a0Waters. Computing on authenticated data. In R.\u00a0Cramer, editor, TCC, volume 7194 of Lecture Notes in Computer Science, pp. 1\u201320. Springer, 2012.","DOI":"10.1007\/978-3-642-28914-9_1"},{"key":"9231_CR2","unstructured":"J.\u00a0H. An, Y.\u00a0Dodis, and T.\u00a0Rabin. On the security of joint signature and encryption. In Knudsen [46], pp. 83\u2013107."},{"key":"9231_CR3","unstructured":"J.\u00a0K. Andersen and E.\u00a0W. Weisstein. Cunningham chain. From MathWorld\u2013A Wolfram Web Resource. http:\/\/mathworld.wolfram.com\/CunninghamChain.html , 2005."},{"key":"9231_CR4","doi-asserted-by":"crossref","unstructured":"M.\u00a0Bellare, A.\u00a0Boldyreva, A.\u00a0Desai, and D.\u00a0Pointcheval. Key-privacy in public-key encryption. In C.\u00a0Boyd, editor, ASIACRYPT, volume 2248 of Lecture Notes in Computer Science, pp. 566\u2013582. Springer, 2001.","DOI":"10.1007\/3-540-45682-1_33"},{"key":"9231_CR5","doi-asserted-by":"crossref","unstructured":"M.\u00a0Bellare and A.\u00a0Sahai. Non-malleable encryption: Equivalence between two notions, and an indistinguishability-based characterization. In M.\u00a0J. Wiener, editor, CRYPTO, volume 1666 of Lecture Notes in Computer Science, pp. 519\u2013536. Springer, 1999.","DOI":"10.1007\/3-540-48405-1_33"},{"key":"9231_CR6","unstructured":"J.\u00a0Benaloh. Verifiable Secret-Ballot Elections. PhD thesis, Department of Computer Science, Yale University, 1987."},{"key":"9231_CR7","doi-asserted-by":"crossref","unstructured":"M.\u00a0Blaze, G.\u00a0Bleumer, and M.\u00a0Strauss. Divertible protocols and atomic proxy cryptography. In K.\u00a0Nyberg, editor, EUROCRYPT, volume 1403 of Lecture Notes in Computer Science, pp. 127\u2013144. Springer, 1998.","DOI":"10.1007\/BFb0054122"},{"key":"9231_CR8","doi-asserted-by":"crossref","unstructured":"D.\u00a0Boneh. The decision Diffie-Hellman problem. In J.\u00a0Buhler, editor, ANTS, volume 1423 of Lecture Notes in Computer Science, pp. 48\u201363. Springer, 1998.","DOI":"10.1007\/BFb0054851"},{"key":"9231_CR9","unstructured":"D.\u00a0Boneh, editor. Advances in Cryptology - CRYPTO 2003, 23rd Annual International Cryptology Conference, Santa Barbara, California, USA, August 17-21, 2003, Proceedings, volume 2729 of Lecture Notes in Computer Science. Springer, 2003."},{"key":"9231_CR10","doi-asserted-by":"crossref","unstructured":"D.\u00a0Boneh, E.-J. Goh, and K.\u00a0Nissim. Evaluating 2-DNF formulas on ciphertexts. In Kilian [44], pp. 325\u2013341.","DOI":"10.1007\/978-3-540-30576-7_18"},{"key":"9231_CR11","doi-asserted-by":"crossref","unstructured":"D.\u00a0Boneh, G.\u00a0Segev, and B.\u00a0Waters. Targeted malleability: homomorphic encryption for restricted computations. In S.\u00a0Goldwasser, editor, ITCS, pp. 350\u2013366. ACM, 2012.","DOI":"10.1145\/2090236.2090264"},{"key":"9231_CR12","doi-asserted-by":"crossref","unstructured":"D.\u00a0Boneh and B.\u00a0Waters. Conjunctive, subset, and range queries on encrypted data. In Vadhan [65], pp. 535\u2013554.","DOI":"10.1007\/978-3-540-70936-7_29"},{"key":"9231_CR13","doi-asserted-by":"crossref","unstructured":"A.\u00a0Broadbent and A.\u00a0Tapp. Information-theoretic security without an honest majority. In Kurosawa [48], pp. 410\u2013426.","DOI":"10.1007\/978-3-540-76900-2_25"},{"key":"9231_CR14","doi-asserted-by":"crossref","unstructured":"R.\u00a0Canetti. Universally composable security: A new paradigm for cryptographic protocols. Cryptology ePrint Archive, Report 2000\/067, 2005.","DOI":"10.1109\/SFCS.2001.959888"},{"key":"9231_CR15","doi-asserted-by":"crossref","unstructured":"R.\u00a0Canetti, S.\u00a0Halevi, and J.\u00a0Katz. Chosen-ciphertext security from identity-based encryption. In C.\u00a0Cachin and J.\u00a0Camenisch, editors, EUROCRYPT, volume 3027 of Lecture Notes in Computer Science, pp. 207\u2013222. Springer, 2004.","DOI":"10.1007\/978-3-540-24676-3_13"},{"key":"9231_CR16","doi-asserted-by":"crossref","unstructured":"R.\u00a0Canetti and J.\u00a0Herzog. Universally composable symbolic analysis of mutual authentication and key-exchange protocols. In Halevi and Rabin [39], pp. 380\u2013403.","DOI":"10.1007\/11681878_20"},{"key":"9231_CR17","doi-asserted-by":"crossref","unstructured":"R.\u00a0Canetti and S.\u00a0Hohenberger. Chosen-ciphertext secure proxy re-encryption. In P.\u00a0Ning, S.\u00a0D.\u00a0C. di\u00a0Vimercati, and P.\u00a0F. Syverson, editors, ACM Conference on Computer and Communications Security, pp. 185\u2013194. ACM, 2007.","DOI":"10.1145\/1315245.1315269"},{"key":"9231_CR18","doi-asserted-by":"crossref","unstructured":"R.\u00a0Canetti, H.\u00a0Krawczyk, and J.\u00a0B. Nielsen. Relaxing chosen-ciphertext security. In Boneh [9], pp. 565\u2013582.","DOI":"10.1007\/978-3-540-45146-4_33"},{"key":"9231_CR19","doi-asserted-by":"crossref","unstructured":"M.\u00a0Chase, M.\u00a0Kohlweiss, A.\u00a0Lysyanskaya, and S.\u00a0Meiklejohn. Malleable proof systems and applications. In D.\u00a0Pointcheval and T.\u00a0Johansson, editors, EUROCRYPT, volume 7237 of Lecture Notes in Computer Science, pp. 281\u2013300. Springer, 2012.","DOI":"10.1007\/978-3-642-29011-4_18"},{"issue":"2","key":"9231_CR20","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1145\/358549.358563","volume":"24","author":"D Chaum","year":"1981","unstructured":"D.\u00a0Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM, 24(2):84\u201388, 1981.","journal-title":"Commun. ACM"},{"key":"9231_CR21","unstructured":"B.\u00a0Chor, N.\u00a0Gilboa, and M.\u00a0Naor. Private information retrieval by keywords. TR CS0917, Department of Computer Science, Technion, 1997."},{"key":"9231_CR22","doi-asserted-by":"crossref","unstructured":"R.\u00a0Cramer, M.\u00a0K. Franklin, B.\u00a0Schoenmakers, and M.\u00a0Yung. Multi-authority secret-ballot elections with linear work. In U.\u00a0M. Maurer, editor, EUROCRYPT, volume 1070 of Lecture Notes in Computer Science, pp. 72\u201383. Springer, 1996.","DOI":"10.1007\/3-540-68339-9_7"},{"key":"9231_CR23","doi-asserted-by":"crossref","unstructured":"R.\u00a0Cramer and V.\u00a0Shoup. A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In H.\u00a0Krawczyk, editor, CRYPTO, volume 1462 of Lecture Notes in Computer Science, pp. 13\u201325. Springer, 1998.","DOI":"10.1007\/BFb0055717"},{"key":"9231_CR24","doi-asserted-by":"crossref","unstructured":"R.\u00a0Cramer and V.\u00a0Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In Knudsen [46], pp. 45\u201364.","DOI":"10.1007\/3-540-46035-7_4"},{"key":"9231_CR25","doi-asserted-by":"crossref","unstructured":"I.\u00a0Damg\u00e5rd, N.\u00a0Fazio, and A.\u00a0Nicolosi. Non-interactive zero-knowledge from homomorphic encryption. In Halevi and Rabin [39], pp. 41\u201359.","DOI":"10.1007\/11681878_3"},{"key":"9231_CR26","doi-asserted-by":"crossref","unstructured":"I.\u00a0Damg\u00e5rd and J.\u00a0B. Nielsen. Universally composable efficient multiparty computation from threshold homomorphic encryption. In Boneh [9], pp. 247\u2013264.","DOI":"10.1007\/978-3-540-45146-4_15"},{"issue":"6","key":"9231_CR27","doi-asserted-by":"publisher","first-page":"393","DOI":"10.1007\/s10207-007-0033-y","volume":"6","author":"G Danezis","year":"2007","unstructured":"G.\u00a0Danezis. Breaking four mix-related schemes based on universal re-encryption. Int. J. Inf. Sec., 6(6):393\u2013402, 2007.","journal-title":"Int. J. Inf. Sec."},{"key":"9231_CR28","doi-asserted-by":"crossref","unstructured":"D.\u00a0Dolev, C.\u00a0Dwork, and M.\u00a0Naor. Non-malleable cryptography (extended abstract). In C.\u00a0Koutsougeras and J.\u00a0S. Vitter, editors, STOC, pp. 542\u2013552. ACM, 1991.","DOI":"10.1145\/103418.103474"},{"key":"9231_CR29","doi-asserted-by":"crossref","unstructured":"T.\u00a0El Gamal. A public key cryptosystem and a signature scheme based on discrete logarithms. In G.\u00a0R. Blakley and D.\u00a0Chaum, editors, CRYPTO, volume 196 of Lecture Notes in Computer Science, pp. 10\u201318. Springer, 1984.","DOI":"10.1007\/3-540-39568-7_2"},{"key":"9231_CR30","unstructured":"Free Haven Project. Anonymity bibliography. http:\/\/freehaven.net\/anonbib\/ , 2006."},{"key":"9231_CR31","doi-asserted-by":"crossref","unstructured":"C.\u00a0Gentry. Fully homomorphic encryption using ideal lattices. In M.\u00a0Mitzenmacher, editor, STOC, pp. 169\u2013178. ACM, 2009.","DOI":"10.1145\/1536414.1536440"},{"key":"9231_CR32","doi-asserted-by":"crossref","unstructured":"Y.\u00a0Gertner, T.\u00a0Malkin, and S.\u00a0Myers. Towards a separation of semantic and CCA security for public key encryption. In Vadhan [65], pp. 434\u2013455.","DOI":"10.1007\/978-3-540-70936-7_24"},{"key":"9231_CR33","doi-asserted-by":"crossref","unstructured":"S.\u00a0Goldwasser and S.\u00a0Micali. Probabilistic encryption. J.\u00a0Comput. Syst. Sci., 28(2):270\u2013299, Apr. 1984. Preliminary version appeared in STOC\u2019 82.","DOI":"10.1016\/0022-0000(84)90070-9"},{"key":"9231_CR34","doi-asserted-by":"crossref","unstructured":"P.\u00a0Golle, M.\u00a0Jakobsson, A.\u00a0Juels, and P.\u00a0F. Syverson. Universal re-encryption for mixnets. In T.\u00a0Okamoto, editor, CT-RSA, volume 2964 of Lecture Notes in Computer Science, pp. 163\u2013178. Springer, 2004.","DOI":"10.1007\/978-3-540-24660-2_14"},{"key":"9231_CR35","doi-asserted-by":"crossref","unstructured":"J.\u00a0Groth. A verifiable secret shuffle of homomorphic encryptions. In Y.\u00a0Desmedt, editor, Public Key Cryptography, volume 2567 of Lecture Notes in Computer Science, pp. 145\u2013160. Springer, 2003.","DOI":"10.1007\/3-540-36288-6_11"},{"key":"9231_CR36","doi-asserted-by":"crossref","unstructured":"J.\u00a0Groth. Rerandomizable and replayable adaptive chosen ciphertext attack secure cryptosystems. In Naor [50], pp. 152\u2013170.","DOI":"10.1007\/978-3-540-24638-1_9"},{"key":"9231_CR37","doi-asserted-by":"crossref","unstructured":"J.\u00a0Groth and S.\u00a0Lu. A non-interactive shuffle with pairing based verifiability. In Kurosawa [48], pp. 51\u201367.","DOI":"10.1007\/978-3-540-76900-2_4"},{"key":"9231_CR38","doi-asserted-by":"crossref","unstructured":"J.\u00a0Groth and S.\u00a0Lu. Verifiable shuffle of large size ciphertexts. In T.\u00a0Okamoto and X.\u00a0Wang, editors, Public Key Cryptography, volume 4450 of Lecture Notes in Computer Science, pp. 377\u2013392. Springer, 2007.","DOI":"10.1007\/978-3-540-71677-8_25"},{"key":"9231_CR39","doi-asserted-by":"crossref","unstructured":"S.\u00a0Halevi and T.\u00a0Rabin, editors. Theory of Cryptography, Third Theory of Cryptography Conference, TCC 2006, New York, NY, USA, March 4-7, 2006, Proceedings, volume 3876 of Lecture Notes in Computer Science. Springer, 2006.","DOI":"10.1007\/11681878"},{"key":"9231_CR40","doi-asserted-by":"crossref","unstructured":"M.\u00a0Hirt and K.\u00a0Sako. Efficient receipt-free voting based on homomorphic encryption. In B.\u00a0Preneel, editor, EUROCRYPT, volume 1807 of Lecture Notes in Computer Science, pp. 539\u2013556. Springer, 2000.","DOI":"10.1007\/3-540-45539-6_38"},{"key":"9231_CR41","doi-asserted-by":"crossref","unstructured":"Y.\u00a0Ishai, E.\u00a0Kushilevitz, and R.\u00a0Ostrovsky. Sufficient conditions for collision-resistant hashing. In Kilian [44], pp. 445\u2013456.","DOI":"10.1007\/978-3-540-30576-7_24"},{"key":"9231_CR42","unstructured":"M.\u00a0J. Jurik. Extensions to the Paillier Cryptosystem with Applications to Cryptological Protocols. PhD thesis, BRICS, 2003."},{"key":"9231_CR43","doi-asserted-by":"crossref","unstructured":"A.\u00a0Kiayias and M.\u00a0Yung. Non-interactive zero-sharing with applications to private distributed decision making. In R.\u00a0N. Wright, editor, Financial Cryptography, volume 2742 of Lecture Notes in Computer Science, pp. 303\u2013320. Springer, 2003.","DOI":"10.1007\/978-3-540-45126-6_22"},{"key":"9231_CR44","doi-asserted-by":"crossref","unstructured":"J.\u00a0Kilian, editor. Theory of Cryptography, Second Theory of Cryptography Conference, TCC 2005, Cambridge, MA, USA, February 10-12, 2005, Proceedings, volume 3378 of Lecture Notes in Computer Science. Springer, 2005.","DOI":"10.1007\/b106171"},{"key":"9231_CR45","unstructured":"M.\u00a0Klonowski, M.\u00a0Kutylowski, A.\u00a0Lauks, and F.\u00a0Zag\u00f3rski. Universal re-encryption of signatures and controlling anonymous information flow. In WARTACRYPT \u201904 Conference on Cryptology. Bedlewo\/Poznan, 2006."},{"key":"9231_CR46","doi-asserted-by":"crossref","unstructured":"L.\u00a0R. Knudsen, editor. Advances in Cryptology - EUROCRYPT 2002, International Conference on the Theory and Applications of Cryptographic Techniques, Amsterdam, The Netherlands, April 28 - May 2, 2002, Proceedings, volume 2332 of Lecture Notes in Computer Science. Springer, 2002.","DOI":"10.1007\/3-540-46035-7"},{"key":"9231_CR47","unstructured":"T.\u00a0Koshy. Elementary Number Theory with Applications. Academic Press, 2001."},{"key":"9231_CR48","doi-asserted-by":"crossref","unstructured":"K.\u00a0Kurosawa, editor. Advances in Cryptology - ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2-6, 2007, Proceedings, volume 4833 of Lecture Notes in Computer Science. Springer, 2007.","DOI":"10.1007\/978-3-540-76900-2"},{"key":"9231_CR49","doi-asserted-by":"crossref","unstructured":"P.\u00a0D. MacKenzie, M.\u00a0K. Reiter, and K.\u00a0Yang. Alternatives to non-malleability: Definitions, constructions, and applications (extended abstract). In Naor [50], pp. 171\u2013190.","DOI":"10.1007\/978-3-540-24638-1_10"},{"key":"9231_CR50","doi-asserted-by":"crossref","unstructured":"M.\u00a0Naor, editor. Theory of Cryptography, First Theory of Cryptography Conference, TCC 2004, Cambridge, MA, USA, February 19-21, 2004, Proceedings, volume 2951 of Lecture Notes in Computer Science. Springer, 2004.","DOI":"10.1007\/b95566"},{"key":"9231_CR51","doi-asserted-by":"crossref","unstructured":"M.\u00a0Naor and M.\u00a0Yung. Public-key cryptosystems provably secure against chosen ciphertext attacks. In H.\u00a0Ortiz, editor, STOC, pp. 427\u2013437. ACM, 1990.","DOI":"10.1145\/100216.100273"},{"key":"9231_CR52","doi-asserted-by":"crossref","unstructured":"P.\u00a0Paillier. Public-key cryptosystems based on composite degree residuosity classes. In J.\u00a0Stern, editor, EUROCRYPT, volume 1592 of Lecture Notes in Computer Science, pp. 223\u2013238. Springer, 1999.","DOI":"10.1007\/3-540-48910-X_16"},{"key":"9231_CR53","unstructured":"A.\u00a0Patil. On symbolic analysis of cryptographic protocols. Master\u2019s thesis, Massachusetts Institute of Technology, 2005."},{"key":"9231_CR54","doi-asserted-by":"crossref","unstructured":"M.\u00a0Prabhakaran and M.\u00a0Rosulek. Rerandomizable RCCA encryption. In A.\u00a0Menezes, editor, CRYPTO, volume 4622 of Lecture Notes in Computer Science, pp. 517\u2013584. Springer, 2007. Full version available from http:\/\/eprint.iacr.org\/2007\/119 .","DOI":"10.1007\/978-3-540-74143-5_29"},{"key":"9231_CR55","doi-asserted-by":"crossref","unstructured":"M.\u00a0Prabhakaran and M.\u00a0Rosulek. Cryptographic complexity of multi-party computation problems: Classifications and separations. In D.\u00a0Wagner, editor, CRYPTO, volume 5157 of Lecture Notes in Computer Science, pp. 262\u2013279. Springer, 2008.","DOI":"10.1007\/978-3-540-85174-5_15"},{"key":"9231_CR56","doi-asserted-by":"crossref","unstructured":"M.\u00a0Prabhakaran and M.\u00a0Rosulek. Homomorphic encryption with CCA security. In L.\u00a0Aceto, I.\u00a0Damg\u00e5rd, L.\u00a0A. Goldberg, M.\u00a0M. Halld\u00f3rsson, A.\u00a0Ing\u00f3lfsd\u00f3ttir, and I.\u00a0Walukiewicz, editors, ICALP (2), volume 5126 of Lecture Notes in Computer Science, pp. 667\u2013678. Springer, 2008. Full version available from http:\/\/eprint.iacr.org\/2008\/079 .","DOI":"10.1007\/978-3-540-70583-3_54"},{"key":"9231_CR57","doi-asserted-by":"crossref","unstructured":"M.\u00a0Prabhakaran and M.\u00a0Rosulek. Towards robust computation on encrypted data. In J.\u00a0Pieprzyk, editor, ASIACRYPT, volume 5350 of Lecture Notes in Computer Science, pp. 216\u2013233. Springer, 2008.","DOI":"10.1007\/978-3-540-89255-7_14"},{"key":"9231_CR58","doi-asserted-by":"crossref","unstructured":"C.\u00a0Rackoff and D.\u00a0R. Simon. Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In J.\u00a0Feigenbaum, editor, CRYPTO, volume 576 of Lecture Notes in Computer Science, pp. 433\u2013444. Springer, 1991.","DOI":"10.1007\/3-540-46766-1_35"},{"key":"9231_CR59","unstructured":"M.\u00a0Rosulek. The Structure of Secure Multi-Party Computation. PhD thesis, Department of Computer Science, University of Illinois at Urbana-Champaign, 2009."},{"key":"9231_CR60","doi-asserted-by":"crossref","unstructured":"A.\u00a0Sahai. Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security. In P.\u00a0Beame, editor, FOCS, pp. 543\u2013553, 1999.","DOI":"10.1109\/SFFCS.1999.814628"},{"key":"9231_CR61","doi-asserted-by":"crossref","unstructured":"K.\u00a0Sako and J.\u00a0Kilian. Secure voting using partially compatible homomorphisms. In Y.\u00a0Desmedt, editor, CRYPTO, volume 839 of Lecture Notes in Computer Science, pp. 411\u2013424. Springer, 1994.","DOI":"10.1007\/3-540-48658-5_37"},{"key":"9231_CR62","doi-asserted-by":"crossref","unstructured":"T.\u00a0Sander, A.\u00a0Young, and M.\u00a0Yung. Non-interactive cryptocomputing for NC $$^{1}$$ 1 . In P.\u00a0Beame, editor, FOCS, pp. 554\u2013567, 1999.","DOI":"10.1109\/SFFCS.1999.814630"},{"key":"9231_CR63","unstructured":"V.\u00a0Shoup. A proposal for an ISO standard for public key encryption. Cryptology ePrint Archive, Report 2001\/112, 2001. http:\/\/eprint.iacr.org\/ ."},{"key":"9231_CR64","unstructured":"D.\u00a0X. Song, D.\u00a0Wagner, and A.\u00a0Perrig. Practical techniques for searches on encrypted data. In IEEE Symposium on Security and Privacy, pp. 44\u201355, 2000."},{"key":"9231_CR65","doi-asserted-by":"crossref","unstructured":"S.\u00a0P. Vadhan, editor. Theory of Cryptography, 4th Theory of Cryptography Conference, TCC 2007, Amsterdam, The Netherlands, February 21-24, 2007, Proceedings, volume 4392 of Lecture Notes in Computer Science. Springer, 2007.","DOI":"10.1007\/978-3-540-70936-7"},{"key":"9231_CR66","doi-asserted-by":"crossref","unstructured":"D.\u00a0Wikstr\u00f6m. A note on the malleability of the El Gamal cryptosystem. In A.\u00a0Menezes and P.\u00a0Sarkar, editors, INDOCRYPT, volume 2551 of Lecture Notes in Computer Science, pp. 176\u2013184. Springer, 2002.","DOI":"10.1007\/3-540-36231-2_15"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-016-9231-y\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-016-9231-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-016-9231-y","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-016-9231-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,2]],"date-time":"2025-06-02T21:40:32Z","timestamp":1748900432000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-016-9231-y"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,4,25]]},"references-count":66,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2017,7]]}},"alternative-id":["9231"],"URL":"https:\/\/doi.org\/10.1007\/s00145-016-9231-y","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,4,25]]},"assertion":[{"value":"9 April 2010","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 February 2016","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 April 2016","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}