{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,29]],"date-time":"2026-04-29T00:41:51Z","timestamp":1777423311969,"version":"3.51.4"},"reference-count":48,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2016,8,10]],"date-time":"2016-08-10T00:00:00Z","timestamp":1470787200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2017,7]]},"DOI":"10.1007\/s00145-016-9234-8","type":"journal-article","created":{"date-parts":[[2016,8,10]],"date-time":"2016-08-10T20:01:35Z","timestamp":1470859295000},"page":"735-759","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Short Signatures from Diffie\u2013Hellman: Realizing Almost Compact Public Key"],"prefix":"10.1007","volume":"30","author":[{"given":"Jae Hong","family":"Seo","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,8,10]]},"reference":[{"key":"9234_CR1","doi-asserted-by":"crossref","unstructured":"M. Bellare, T. Ristenpart, Simulation without the artificial abort: simplified proof and improved concrete security for Waters\u2019 IBE scheme, in EUROCRYPT 2009, vol. 5479 of LNCS (Springer, 2009), pp. 407\u2013424","DOI":"10.1007\/978-3-642-01001-9_24"},{"key":"9234_CR2","doi-asserted-by":"crossref","unstructured":"M. Bellare, P. Rogaway, The exact security of digital signatures: how to sign with RSA and Rabin, in EUROCRYPT 1996, vol. 1070 of LNCS ( Springer, 1996), pp. 399\u2013416","DOI":"10.1007\/3-540-68339-9_34"},{"key":"9234_CR3","doi-asserted-by":"crossref","unstructured":"O. Blazy, E. Kiltz, J. Pan, (hierarchical) identity-based encryption from affine message authentication, in CRYPTO 2014, Part I, vol. 8616 of LNCS (Springer, 2014), pp 408\u2013425","DOI":"10.1007\/978-3-662-44371-2_23"},{"key":"9234_CR4","doi-asserted-by":"crossref","unstructured":"F. B\u00f6hl, D. Hofheinz, T. Jager, J. Koch, J. H. Seo, C. Striecks, Practical signatures from standard assumptions, in EUROCRYPT2013, vol. 7881 of LNCS (Springer, 2013)","DOI":"10.1007\/978-3-642-38348-9_28"},{"key":"9234_CR5","unstructured":"F. B\u00f6hl, D. Hofheinz, T. Jager, J. Koch, C. Striecks, Confined guessing: new signatures from standard assumptions, in Cryptology ePrint Archive (2013). http:\/\/eprint.iacr.org\/2013\/171"},{"key":"9234_CR6","unstructured":"F. B\u00f6hl, D. Hofheinz, T. Jager, J. Koch, C. Striecks, Confined guessing: new signatures from standard assumptions. J. Cryptol. 28, 176\u2013208 (2015)"},{"key":"9234_CR7","doi-asserted-by":"crossref","unstructured":"D. Boneh, X. Boyen, Efficient selective-id identity based encryption without random oracles, in EUROCRYPT 2004, vol. 3027 of LNCS (Springer, 2004), pp. 223\u2013238","DOI":"10.1007\/978-3-540-24676-3_14"},{"key":"9234_CR8","doi-asserted-by":"crossref","unstructured":"D. Boneh, X. Boyen, Short signatures without random oracles, in EUROCRYPT 2004, vol. 3027 of LNCS (Springer, 2004), pp. 382\u2013400","DOI":"10.1007\/978-3-540-24676-3_4"},{"key":"9234_CR9","doi-asserted-by":"crossref","unstructured":"D.\u00a0Boneh, X.\u00a0Boyen, Efficient selective identity-based encryption without random oracles. J. Cryptol. 24(4), 659\u2013693 (2011)","DOI":"10.1007\/s00145-010-9078-6"},{"key":"9234_CR10","doi-asserted-by":"crossref","unstructured":"D. Boneh, M. Franklin, Identity-based encryption from the Weil pairing, in CRYPTO 2001, vol. 2139 of LNCS (Springer-Verlag, 2001), pp. 19\u201323","DOI":"10.1007\/3-540-44647-8_13"},{"key":"9234_CR11","unstructured":"D. Boneh, B. Lynn, H. Shacham, Short signatures from the Weil pairing. J. Cryptol. 17, 297\u2013319 (2004)"},{"key":"9234_CR12","unstructured":"D. Brown, R. Gallant, The static Diffie\u2013Hellman problem. Available in http:\/\/eprint.iacr.org\/2004\/306"},{"key":"9234_CR13","doi-asserted-by":"crossref","unstructured":"J. Camenisch, A. Lysyanskaya, Signature schemes and anonymous credentials from bilinear maps, in CRYPTO 2004, vol. 3152 of LNCS (Springer, 2004), pp. 56\u201372","DOI":"10.1007\/978-3-540-28628-8_4"},{"key":"9234_CR14","doi-asserted-by":"crossref","unstructured":"R. Canetti, O. Goldreich, S. Halevi, The random oracle methodology, revisited, in ACM STOC 2003, pp. 209\u2013218","DOI":"10.1145\/276698.276741"},{"key":"9234_CR15","doi-asserted-by":"crossref","unstructured":"S. Chatterjee, D. Hankerson, E. Knapp, A. Menezes, Comparing two pairing-based aggregate signature schemes, in Designs, Codes and Cryptography, vol.\u00a055 (Springer, 2010), pp. 141\u2013167","DOI":"10.1007\/s10623-009-9334-7"},{"key":"9234_CR16","doi-asserted-by":"crossref","unstructured":"J. Chen, H.W. Lim, S. Ling, H. Wang, H. Wee, Shorter IBE and signatures via asymmetric pairings, in Pairing 2012, vol. 7708 of LNCS (Springer, 2012), pp. 122\u2013140","DOI":"10.1007\/978-3-642-36334-4_8"},{"key":"9234_CR17","doi-asserted-by":"crossref","unstructured":"J. Chen, H. Wee, Fully, (almost) tightly secure IBE and dual system groups, in CRYPTO 2013, vol. 8043 of LNCS (Springer, 2013), pp. 435\u2013460","DOI":"10.1007\/978-3-642-40084-1_25"},{"key":"9234_CR18","unstructured":"J.H. Cheon. Discrete logarithm problems with auxiliary inputs. J. Cryptol. 23, 457\u2013476 (2010)"},{"key":"9234_CR19","doi-asserted-by":"crossref","unstructured":"R. Cramer, I.Damg\u00e5rd, New generation of secure and practical rsa-based signatures, in CRYPTO 1996, vol. 1109 of LNCS (Springer, 1996), pp. 173\u2013185","DOI":"10.1007\/3-540-68697-5_14"},{"key":"9234_CR20","doi-asserted-by":"crossref","unstructured":"R. Cramer, V. Shoup, Signature schemes based on the strong rsa assumption, in ACM CCS 1999 (ACM Press, 1999), pp. 46\u201351","DOI":"10.1145\/319709.319716"},{"key":"9234_CR21","doi-asserted-by":"crossref","unstructured":"Y. Dodis, R. Oliveira, K. Pietrzak, On the generic insecurity of the full domain hash, in CRYPTO 2005, vol. 3621 of LNCS (Springer, 2005), pp. 449\u2013466","DOI":"10.1007\/11535218_27"},{"key":"9234_CR22","doi-asserted-by":"crossref","unstructured":"C. Dwork, M. Naor, An efficient existentially unforgeable signature scheme and its applications, in CRYPTO 1994, vol. 839 of LNCS (Springer, 1994), pp. 234\u2013246","DOI":"10.1007\/3-540-48658-5_23"},{"key":"9234_CR23","doi-asserted-by":"crossref","unstructured":"T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms, in G.R. Blakely, D. Chaum, editors, CRYPTO 1984, vol. 196 of LNCS (Springer-Verlag, 1984), pp. 10\u201318","DOI":"10.1007\/3-540-39568-7_2"},{"key":"9234_CR24","doi-asserted-by":"crossref","unstructured":"M. Fischlin, The Cramer-Shoup strong-RSA signature scheme revisited, in PKC 2003, vol. 2567 of LNCS (Springer, 2003), pp. 116\u2013129","DOI":"10.1007\/3-540-36288-6_9"},{"key":"9234_CR25","doi-asserted-by":"crossref","unstructured":"R. Gennaro, S. Halevi, T. Rabin, Secure hash-and-sign signatures without the random oracle, in EUROCRYPT 1999, vol. 1592 of LNCS (Springer, 1999), pp. 123\u2013139","DOI":"10.1007\/3-540-48910-X_9"},{"key":"9234_CR26","doi-asserted-by":"crossref","unstructured":"C. Gentry, C. Peikert, V. Vaikuntanathan, Trapdoors for hard lattices and new cryptographic constructions, in ACM STOC 2008 2008, pp. 197\u2013206","DOI":"10.1145\/1374376.1374407"},{"key":"9234_CR27","unstructured":"E.-J. Goh, S. Jarecki, J. Katz, N. Wang Efficient signature schemes with tight reductions to the Diffie\u2013Hellman problems. J. Cryptol. 20, 493\u2013514 (2007)"},{"key":"9234_CR28","doi-asserted-by":"crossref","unstructured":"O. Goldreich, Two remarks concerning the Goldwasser\u2013Micali\u2013Rivest signature scheme, in CRYPTO 1986, vol. 263 of LNCS (Springer, 1987), pp. 104\u2013110","DOI":"10.1007\/3-540-47721-7_8"},{"key":"9234_CR29","unstructured":"S. Goldwasser, S. Micali, R. L. Rivest. A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. 17, 281\u2013308 (1988)"},{"key":"9234_CR30","doi-asserted-by":"crossref","unstructured":"D. Hofheinz, T. Jager, E. Kiltz, Short signatures from weaker assumptions. in ASIACRYPT 2011, vol. 7073 of LNCS (Springer, 2011), pp. 647\u2013666","DOI":"10.1007\/978-3-642-25385-0_35"},{"key":"9234_CR31","doi-asserted-by":"crossref","unstructured":"D. Hofheinz, T. Jager, E. Knapp, Waters signatures with optimal security reduction, in PKC 2012, vol. 7293 of LNCS (Springer, 2012), pp. 66\u201383","DOI":"10.1007\/978-3-642-30057-8_5"},{"key":"9234_CR32","unstructured":"D. Hofheinz, E. Kiltz. Programmable hash functions and their applications. J. Cryptol. 25, 484\u2013527 (2012)"},{"key":"9234_CR33","doi-asserted-by":"crossref","unstructured":"S. Hohenberger, B. Waters, Realizing hash-and-sign signatures under standard assumptions, in EUROCRYPT 2009, vol. 5479 of LNCS (Springer, 2009), pp. 333\u2013350","DOI":"10.1007\/978-3-642-01001-9_19"},{"key":"9234_CR34","doi-asserted-by":"crossref","unstructured":"S. Hohenberger, B. Waters, Short and stateless signatures from the rsa assumption, in CRYPTO 2009, vol. 5677 of LNCS (Springer, 2009), pp. 654\u2013670","DOI":"10.1007\/978-3-642-03356-8_38"},{"key":"9234_CR35","doi-asserted-by":"crossref","unstructured":"C.S. Jutla, A. Roy, Shorter quasi-adaptive NIZK proofs for linear subspaces, in ASIACRYPT 2013, Part I, vol. 8269 of LNCS (Springer, 2013), pp. 1\u201320","DOI":"10.1007\/978-3-642-42033-7_1"},{"key":"9234_CR36","unstructured":"H. Krawczyk, T. Rabin, Chameleon signatures, in NDSS 2000 (The Internet Society, 2000)"},{"key":"9234_CR37","doi-asserted-by":"crossref","unstructured":"G. Leurent, P.Q. Nguyen, How risky is the random-oracle model?, in S.\u00a0Halevi, editor, CRYPTO 2009, vol. 5677 of LNCS (Springer, 2009), pp. 445\u2013464","DOI":"10.1007\/978-3-642-03356-8_26"},{"key":"9234_CR38","doi-asserted-by":"crossref","unstructured":"A. Lysyanskaya, R. Rivest, A. Sahai, S. Wolf, Pseudonym systems, in SAC 1999, vol. 1758 of LNCS (Springer, 1999), pp. 184\u2013199","DOI":"10.1007\/3-540-46513-8_14"},{"key":"9234_CR39","doi-asserted-by":"crossref","unstructured":"D.\u00a0Naccache. Secure and practical identity-based encryption. IET Inf. Secur. 1(2), 59\u201364 (2007)","DOI":"10.1049\/iet-ifs:20055097"},{"key":"9234_CR40","doi-asserted-by":"crossref","unstructured":"M. Naor, On cryptographic assumptions and challenges, in CRYPTO 2003, vol. 2729 of LNCS (Springer, 2003), pp. 96\u2013109","DOI":"10.1007\/978-3-540-45146-4_6"},{"key":"9234_CR41","doi-asserted-by":"crossref","unstructured":"T. Okamoto, Provably secure and practical identification schemes and corresponding signature schemes, in CRYPTO 1992, vol. 740 of LNCS (Springer, 1992), pp. 31\u201353","DOI":"10.1007\/3-540-48071-4_3"},{"key":"9234_CR42","doi-asserted-by":"crossref","unstructured":"T. Okamoto, Efficient blind and partially blind signatures without random oracles, in TCC 2006, vol. 3876 of LNCS (Springer, 2006), pp. 80\u201399","DOI":"10.1007\/11681878_5"},{"key":"9234_CR43","unstructured":"C.P. Schnorr. Efficient signature generation for smart cards. J. Cryptol. 4, 239\u2013252 (1991)"},{"key":"9234_CR44","unstructured":"J.H. Seo, Short signature from Diffie\u2013Hellman: Realizing short public key, in Cryptology ePrint Archive 2012. http:\/\/eprint.iacr.org\/2012\/480 ."},{"key":"9234_CR45","doi-asserted-by":"crossref","unstructured":"A. Shamir, Y. Tauman, Improved online\/offline signature schemes, in CRYPTO 2001, vol. 2139 of LNCS (Springer, 2001), pp. 355\u2013367","DOI":"10.1007\/3-540-44647-8_21"},{"key":"9234_CR46","doi-asserted-by":"crossref","unstructured":"B.\u00a0Waters, Efficient identity-based encryption without random oracles, in EUROCRYPT 2005, vol. 3494 of LNCS (Springer, 2005), pp. 114\u2013127","DOI":"10.1007\/11426639_7"},{"key":"9234_CR47","doi-asserted-by":"crossref","unstructured":"B. Waters, Dual system encryption: Realizing fully secure IBE and HIBE under simple assumptions, in S.\u00a0Halevi, editor, CRYPTO 2009, vol. 5677 of LNCS (Springer, 2009), pp. 619\u2013636","DOI":"10.1007\/978-3-642-03356-8_36"},{"key":"9234_CR48","doi-asserted-by":"crossref","unstructured":"S. Yamada, G. Hanaoka, N, Kunihiro. Space efficient signature schemes from the RSA assumption, in PKC 2012, vol. 7293 of LNCS (Springer, 2012), pp. 102\u2013119","DOI":"10.1007\/978-3-642-30057-8_7"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-016-9234-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-016-9234-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-016-9234-8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-016-9234-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,4]],"date-time":"2025-06-04T17:00:10Z","timestamp":1749056410000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-016-9234-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,8,10]]},"references-count":48,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2017,7]]}},"alternative-id":["9234"],"URL":"https:\/\/doi.org\/10.1007\/s00145-016-9234-8","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,8,10]]},"assertion":[{"value":"14 December 2014","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"16 June 2016","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"10 August 2016","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}