{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,21]],"date-time":"2026-05-21T03:37:54Z","timestamp":1779334674207,"version":"3.51.4"},"reference-count":87,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2018,2,15]],"date-time":"2018-02-15T00:00:00Z","timestamp":1518652800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2019,4]]},"DOI":"10.1007\/s00145-018-9281-4","type":"journal-article","created":{"date-parts":[[2018,2,15]],"date-time":"2018-02-15T19:53:21Z","timestamp":1518724401000},"page":"498-546","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":117,"title":["Structure-Preserving Signatures on Equivalence Classes and Constant-Size Anonymous Credentials"],"prefix":"10.1007","volume":"32","author":[{"given":"Georg","family":"Fuchsbauer","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christian","family":"Hanser","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daniel","family":"Slamanig","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,2,15]]},"reference":[{"key":"9281_CR1","doi-asserted-by":"crossref","unstructured":"J.H. Ahn, D. Boneh, J. Camenisch, S. Hohenberger, A. Shelat, B. Waters, Computing on authenticated data, in Ronald Cramer, editor, TCC\u00a02012, volume 7194 of LNCS. (Springer, Heidelberg, March 2012), pp. 1\u201320","DOI":"10.1007\/978-3-642-28914-9_1"},{"key":"9281_CR2","doi-asserted-by":"crossref","unstructured":"M. Abe, M. Chase, B. David, M. K., R. Nishimaki, M. Ohkubo, Constant-size structure-preserving signatures: Generic constructions and simple assumptions, in Xiaoyun Wang and Kazue Sako, editors, ASIACRYPT\u00a02012, volume 7658 of LNCS. (Springer, Heidelberg, 2012), pp. 4\u201324","DOI":"10.1007\/978-3-642-34961-4_3"},{"key":"9281_CR3","doi-asserted-by":"crossref","unstructured":"M. Abe, G. Fuchsbauer, J. Groth, K. Haralambiev, M. Ohkubo, Structure-preserving signatures and commitments to group elements, in Tal Rabin, editor, CRYPTO\u00a02010, volume 6223 of LNCS. (Springer, Heidelberg, August 2010), pp. 209\u2013236","DOI":"10.1007\/978-3-642-14623-7_12"},{"key":"9281_CR4","doi-asserted-by":"crossref","unstructured":"M. Abe, J. Groth, K. Haralambiev, M. Ohkubo, Optimal structure-preserving signatures in asymmetric bilinear groups, in Phillip Rogaway, editor, CRYPTO\u00a02011, volume 6841 of LNCS. (Springer, Heidelberg, August 2011), pp. 649\u2013666","DOI":"10.1007\/978-3-642-22792-9_37"},{"key":"9281_CR5","doi-asserted-by":"crossref","unstructured":"M. Abe, J. Groth, M. Ohkubo, M. Tibouchi, Structure-preserving signatures from type II pairings, in Juan\u00a0A. Garay and Rosario Gennaro, editors, CRYPTO\u00a02014, Part\u00a0I, volume 8616 of LNCS. (Springer, Heidelberg, August 2014), pp. 390\u2013407","DOI":"10.1007\/978-3-662-44371-2_22"},{"key":"9281_CR6","doi-asserted-by":"crossref","unstructured":"M. Abe, J. Groth, M. Ohkubo, M. Tibouchi, Unified, minimal and selectively randomizable structure-preserving signatures, in Yehuda Lindell, editor, TCC\u00a02014, volume 8349 of LNCS. (Springer, Heidelberg, February 2014), pp. 688\u2013712","DOI":"10.1007\/978-3-642-54242-8_29"},{"key":"9281_CR7","doi-asserted-by":"crossref","unstructured":"M. Abe, D. Hofheinz, R. Nishimaki, M. Ohkubo, J. Pan, Compact structure-preserving signatures with almost tight security, in Jonathan Katz and Hovav Shacham, editors, CRYPTO\u00a02017, Part\u00a0II, volume 10402 of LNCS. (Springer, Heidelberg, August 2017), pp. 548\u2013580","DOI":"10.1007\/978-3-319-63715-0_19"},{"key":"9281_CR8","unstructured":"M. Abe, K. Haralambiev, M. Ohkubo, Signing on elements in bilinear groups for modular protocol design. Cryptology ePrint Archive, Report 2010\/133, (2010). http:\/\/eprint.iacr.org\/2010\/133"},{"key":"9281_CR9","doi-asserted-by":"crossref","unstructured":"M. Abe, M. Kohlweiss, M. Ohkubo, M. Tibouchi, Fully structure-preserving signatures and shrinking commitments, in Elisabeth Oswald and Marc Fischlin, editors, EUROCRYPT\u00a02015, Part\u00a0II, volume 9057 of LNCS. (Springer, Heidelberg, April 2015), pp. 35\u201365","DOI":"10.1007\/978-3-662-46803-6_2"},{"key":"9281_CR10","doi-asserted-by":"crossref","unstructured":"N. Attrapadung, B. Libert, T. Peters, Computing on authenticated data: New privacy definitions and constructions, in Xiaoyun Wang and Kazue Sako, editors, ASIACRYPT\u00a02012, volume 7658 of LNCS. (Springer, Heidelberg, December 2012), pp. 367\u2013385","DOI":"10.1007\/978-3-642-34961-4_23"},{"key":"9281_CR11","doi-asserted-by":"crossref","unstructured":"N. Attrapadung, B. Libert, T. Peters, Efficient completely context-hiding quotable and linearly homomorphic signatures, in K. Kurosawa and G. Hanaoka, editors, PKC\u00a02013, volume 7778 of LNCS. (Springer, Heidelberg, February\/March 2013), pp. 386\u2013404","DOI":"10.1007\/978-3-642-36362-7_24"},{"key":"9281_CR12","doi-asserted-by":"crossref","unstructured":"N. Akagi, Y. Manabe, T. Okamoto, An efficient anonymous credential system, in G. Tsudik, editor, FC 2008, volume 5143 of LNCS. (Springer, Heidelberg, January 2008), pp. 272\u2013286","DOI":"10.1007\/978-3-540-85230-8_25"},{"key":"9281_CR13","doi-asserted-by":"crossref","unstructured":"M.H. Au, W. Susilo, Y.\u00a0Mu, Constant-size dynamic k-TAA, in R.\u00a0De Prisco and M. Yung, editors, SCN 06, volume 4116 of LNCS. (Springer, Heidelberg, September 2006), pp. 111\u2013125","DOI":"10.1007\/11832072_8"},{"key":"9281_CR14","doi-asserted-by":"crossref","unstructured":"D. Boneh, X. Boyen, Short signatures without random oracles, in C. Cachin and J. Camenisch, editors, EUROCRYPT\u00a02004, volume 3027 of LNCS. (Springer, Heidelberg, May 2004), pp. 56\u201373","DOI":"10.1007\/978-3-540-24676-3_4"},{"key":"9281_CR15","doi-asserted-by":"crossref","unstructured":"D. Boneh, X. Boyen, E.-J. Goh, Hierarchical identity based encryption with constant size ciphertext, in R. Cramer, editor, EUROCRYPT\u00a02005, volume 3494 of LNCS. (Springer, Heidelberg, May 2005), pp. 440\u2013456","DOI":"10.1007\/11426639_26"},{"key":"9281_CR16","doi-asserted-by":"crossref","unstructured":"D. Boneh, X. Boyen, H. Shacham, Short group signatures, in M. Franklin, editor, CRYPTO\u00a02004, volume 3152 of LNCS. (Springer, Heidelberg, August 2004), pp. 41\u201355","DOI":"10.1007\/978-3-540-28628-8_3"},{"key":"9281_CR17","doi-asserted-by":"crossref","unstructured":"D. Boneh, H. Corrigan-Gibbs, Bivariate polynomials modulo composites and their applications, in P. Sarkar and T. Iwata, editors, ASIACRYPT\u00a02014, Part\u00a0I, volume 8873 of LNCS. (Springer, Heidelberg, December 2014), pp. 42\u201362","DOI":"10.1007\/978-3-662-45611-8_3"},{"key":"9281_CR18","doi-asserted-by":"crossref","unstructured":"M. Belenkiy, J. Camenisch, M. Chase, M. Kohlweiss, A. Lysyanskaya, H. Shacham, Randomizable proofs and delegatable anonymous credentials, in S. Halevi, editor, CRYPTO\u00a02009, volume 5677 of LNCS. (Springer, Heidelberg, August 2009), pp. 108\u2013125","DOI":"10.1007\/978-3-642-03356-8_7"},{"key":"9281_CR19","doi-asserted-by":"crossref","unstructured":"M. Belenkiy, M. Chase, M. Kohlweiss, A. Lysyanskaya, P-signatures and noninteractive anonymous credentials, in R. Canetti, editor, TCC\u00a02008, volume 4948 of LNCS. (Springer, Heidelberg, March 2008), pp. 356\u2013374","DOI":"10.1007\/978-3-540-78524-8_20"},{"key":"9281_CR20","doi-asserted-by":"crossref","unstructured":"G. Barthe, E. Fagerholm, D. Fiore, A. Scedrov, B. Schmidt, M. Tibouchi, Strongly-optimal structure preserving signatures from type II pairings: Synthesis and lower bounds, in J. Katz, editor, PKC\u00a02015, volume 9020 of LNCS. (Springer, Heidelberg, March\/April 2015), pp. 355\u2013376","DOI":"10.1007\/978-3-662-46447-2_16"},{"key":"9281_CR21","doi-asserted-by":"crossref","unstructured":"D. Boneh, D. Freeman, J. Katz, B. Waters, Signing a linear subspace: Signature schemes for network coding, in S. Jarecki and G. Tsudik, editors, PKC\u00a02009, volume 5443 of LNCS. (Springer, Heidelberg, March 2009), pp. 68\u201387","DOI":"10.1007\/978-3-642-00468-1_5"},{"key":"9281_CR22","doi-asserted-by":"crossref","unstructured":"O. Blazy, G. Fuchsbauer, D. Pointcheval, D. Vergnaud, Signatures on randomizable ciphertexts, in D. Catalano, N. Fazio, R. Gennaro, and A. Nicolosi, editors, PKC\u00a02011, volume 6571 of LNCS. (Springer, Heidelberg, March 2011), pp. 403\u2013422","DOI":"10.1007\/978-3-642-19379-8_25"},{"key":"9281_CR23","doi-asserted-by":"crossref","unstructured":"M. Bellare, G. Fuchsbauer, A. Scafuro, NIZKs with an untrusted CRS: Security in the face of parameter subversion, in J.\u00a0H. Cheon and T. Takagi, editors, ASIACRYPT\u00a02016, Part\u00a0II, volume 10032 of LNCS. (Springer, Heidelberg, December 2016), pp. 777\u2013804","DOI":"10.1007\/978-3-662-53890-6_26"},{"key":"9281_CR24","doi-asserted-by":"crossref","unstructured":"F. Baldimtsi, A. Lysyanskaya, Anonymous credentials light, in A.-R. Sadeghi, V.D. Gligor, and M. Yung, editors, ACM CCS 13. (ACM Press, November 2013), pp. 1087\u20131098","DOI":"10.1145\/2508859.2516687"},{"key":"9281_CR25","doi-asserted-by":"crossref","unstructured":"P.S.L.M. Barreto, M. Naehrig, Pairing-friendly elliptic curves of prime order, in B. Preneel and S. Tavares, editors, SAC 2005, volume 3897 of LNCS. (Springer, Heidelberg, August 2006), pp. 319\u2013331","DOI":"10.1007\/11693383_22"},{"key":"9281_CR26","doi-asserted-by":"crossref","unstructured":"X. Boyen, The uber-assumption family (invited talk), in S.D. Galbraith and K.G. Paterson, editors, PAIRING 2008, volume 5209 of LNCS. (Springer, Heidelberg, 2008), pp. 39\u201356","DOI":"10.1007\/978-3-540-85538-5_3"},{"key":"9281_CR27","doi-asserted-by":"crossref","unstructured":"N. Bari, B. Pfitzmann, Collision-free accumulators and fail-stop signature schemes without trees, in W. Fumy, editor, EUROCRYPT\u201997, volume 1233 of LNCS. (Springer, Heidelberg, May 1997), pp. 480\u2013494","DOI":"10.1007\/3-540-69053-0_33"},{"key":"9281_CR28","doi-asserted-by":"crossref","unstructured":"S. Brands, Rethinking public-key Infrastructures and Digital Certificates: Building in Privacy. (MIT Press, 2000)","DOI":"10.7551\/mitpress\/5931.001.0001"},{"key":"9281_CR29","doi-asserted-by":"crossref","unstructured":"M. Bellare, H. Shi, C. Zhang, Foundations of group signatures: The case of dynamic groups, in A. Menezes, editor, CT-RSA\u00a02005, volume 3376 of LNCS. (Springer, Heidelberg, February 2005), pp. 136\u2013153","DOI":"10.1007\/978-3-540-30574-3_11"},{"key":"9281_CR30","doi-asserted-by":"crossref","unstructured":"R. Canetti, Universally composable security: A new paradigm for cryptographic protocols, in 42nd FOCS. IEEE Computer Society Press, (October 2001), pp. 136\u2013145","DOI":"10.1109\/SFCS.2001.959888"},{"key":"9281_CR31","doi-asserted-by":"crossref","unstructured":"J. Camenisch, M. Dubovitskaya, K. Haralambiev, M. Kohlweiss, Composable and modular anonymous credentials: definitions and practical constructions, in T. Iwata and J.H. Cheon, editors, ASIACRYPT\u00a02015, Part\u00a0II, volume 9453 of LNCS. (Springer, Heidelberg, November\/December 2015), pp. 262\u2013288","DOI":"10.1007\/978-3-662-48800-3_11"},{"key":"9281_CR32","doi-asserted-by":"crossref","unstructured":"R. Cramer, I. Damg\u00e5rd, P.D. MacKenzie, Efficient zero-knowledge proofs of knowledge without intractability assumptions, in H. Imai and Y. Zheng, editors, PKC\u00a02000, volume 1751 of LNCS. (Springer, Heidelberg, January 2000), pp. 354\u2013372","DOI":"10.1007\/978-3-540-46588-1_24"},{"key":"9281_CR33","doi-asserted-by":"crossref","unstructured":"D. Catalano, D. Fiore, Vector commitments and their applications. In K. Kurosawa and G. Hanaoka, editors, PKC\u00a02013, volume 7778 of LNCS. (Springer, Heidelberg, February\u00a0\/\u00a0March 2013), pp. 55\u201372","DOI":"10.1007\/978-3-642-36362-7_5"},{"key":"9281_CR34","doi-asserted-by":"crossref","unstructured":"D. Catalano, D. Fiore, B. Warinschi, Efficient network coding signatures in the standard model, in M. Fischlin, J. Buchmann, and M. Manulis, editors, PKC\u00a02012, volume 7293 of LNCS. (Springer, Heidelberg, 2012), pp. 680\u2013696","DOI":"10.1007\/978-3-642-30057-8_40"},{"key":"9281_CR35","doi-asserted-by":"crossref","unstructured":"J. Camenisch, T. Gro\u00df, Efficient attributes for anonymous credentials. ACM Transactions on Information and System Security, 15(1), 4, (2012)","DOI":"10.1145\/2133375.2133379"},{"key":"9281_CR36","doi-asserted-by":"crossref","unstructured":"M. Chase, C. Ganesh, P. Mohassel, Efficient zero-knowledge proof of algebraic and non-algebraic statements with applications to privacy preserving credentials, in M. Robshaw and J. Katz, editors, CRYPTO\u00a02016, Part\u00a0III, volume 9816 of LNCS. (Springer, Heidelberg, 2016), pp. 499\u2013530","DOI":"10.1007\/978-3-662-53015-3_18"},{"key":"9281_CR37","doi-asserted-by":"crossref","unstructured":"J. Camenisch, S. Krenn, A. Lehmann, G.L. Mikkelsen, G. Neven, M.\u00d8. Pedersen, Formal treatment of privacy-enhancing credential systems, in O. Dunkelman and L. Keliher, editors, SAC 2015, volume 9566 of LNCS. (Springer, Heidelberg, August 2016), pp. 3\u201324","DOI":"10.1007\/978-3-319-31301-6_1"},{"key":"9281_CR38","doi-asserted-by":"crossref","unstructured":"M. Chase, M. Kohlweiss, A. Lysyanskaya, S. Meiklejohn. Malleable proof systems and applications, in D. Pointcheval and T. Johansson, editors, EUROCRYPT\u00a02012, volume 7237 of LNCS. (Springer, Heidelberg, April 2012), pp. 281\u2013300","DOI":"10.1007\/978-3-642-29011-4_18"},{"key":"9281_CR39","unstructured":"M. Chase, M. Kohlweiss, A. Lysyanskaya, S. Meiklejohn. Malleable signatures: New definitions and delegatable anonymous credentials, in IEEE 27th Computer Security Foundations Symposium, CSF 2014, (2014), pp. 199\u2013213"},{"key":"9281_CR40","doi-asserted-by":"crossref","unstructured":"J. Camenisch, A. Lysyanskaya, An efficient system for non-transferable anonymous credentials with optional anonymity revocation, in B. Pfitzmann, editor, EUROCRYPT\u00a02001, volume 2045 of LNCS. (Springer, Heidelberg, May 2001), pp. 93\u2013118","DOI":"10.1007\/3-540-44987-6_7"},{"key":"9281_CR41","doi-asserted-by":"crossref","unstructured":"J. Camenisch, A. Lysyanskaya, A signature scheme with efficient protocols, in S. Cimato, C. Galdi, and G. Persiano, editors, SCN 02, volume 2576 of LNCS. (Springer, Heidelberg, September 2003), pp. 268\u2013289","DOI":"10.1007\/3-540-36413-7_20"},{"key":"9281_CR42","doi-asserted-by":"crossref","unstructured":"J. Camenisch, A. Lysyanskaya, Signature schemes and anonymous credentials from bilinear maps, in M. Franklin, editor, CRYPTO\u00a02004, volume 3152 of LNCS. (Springer, Heidelberg, August 2004), pp. 56\u201372","DOI":"10.1007\/978-3-540-28628-8_4"},{"key":"9281_CR43","unstructured":"S. Canard, R. Lescuyer, Anonymous credentials from (indexed) aggregate signatures, in DIM\u201911, Proceedings of the 2013 ACM Workshop on Digital Identity Management, Chicago, IL, USA - October 21, 2011, (2011), pp. 53\u201362"},{"key":"9281_CR44","doi-asserted-by":"crossref","unstructured":"S. Canard, R. Lescuyer, Protecting privacy by sanitizing personal data: a new approach to anonymous credentials, in K. Chen, Q.\u00a0Xie, W. Qiu, N. Li, and W.-G. Tzeng, editors, ASIACCS 13. (ACM Press, May 2013), pp. 381\u2013392","DOI":"10.1145\/2484313.2484363"},{"key":"9281_CR45","doi-asserted-by":"crossref","unstructured":"S. Chatterjee, A. Menezes, On cryptographic protocols employing asymmetric pairings - the role of $$\\varPsi $$ \u03a8 revisited. Discrete Applied Mathematics 159(13), 1311\u20131322, (2011)","DOI":"10.1016\/j.dam.2011.04.021"},{"key":"9281_CR46","doi-asserted-by":"crossref","unstructured":"D. Chaum, T.P. Pedersen, Wallet databases with observers, in E.F. Brickell, editor, CRYPTO\u201992, volume 740 of LNCS. (Springer, Heidelberg, 1993), pp. 89\u2013105","DOI":"10.1007\/3-540-48071-4_7"},{"key":"9281_CR47","doi-asserted-by":"crossref","unstructured":"I. Damg\u00e5rd, Efficient concurrent zero-knowledge in the auxiliary string model, in B. Preneel, editor, EUROCRYPT\u00a02000, volume 1807 of LNCS. (Springer, Heidelberg, May 2000), pp. 418\u2013430","DOI":"10.1007\/3-540-45539-6_30"},{"key":"9281_CR48","doi-asserted-by":"crossref","unstructured":"I. Damg\u00e5rd, H. Haagh, C. Orlandi, Access control encryption: Enforcing information flow with cryptography, in M. Hirt and A.D. Smith, editors, TCC\u00a02016-B, Part\u00a0II, volume 9986 of LNCS. (Springer, Heidelberg, October\/November 2016), pp. 547\u2013576","DOI":"10.1007\/978-3-662-53644-5_21"},{"key":"9281_CR49","doi-asserted-by":"crossref","unstructured":"D. Derler, C. Hanser, D. Slamanig, A new approach to efficient revocable attribute-based anonymous credentials, in J. Groth, editor, 15th IMA International Conference on Cryptography and Coding, volume 9496 of LNCS. (Springer, Heidelberg, 2015), pp. 57\u201374","DOI":"10.1007\/978-3-319-27239-9_4"},{"key":"9281_CR50","doi-asserted-by":"crossref","unstructured":"D. Derler, C. Hanser, D. Slamanig, Revisiting cryptographic accumulators, additional properties and relations to other primitives, in K. Nyberg, editor, CT-RSA\u00a02015, volume 9048 of LNCS. (Springer, Heidelberg, April 2015), pp. 127\u2013144","DOI":"10.1007\/978-3-319-16715-2_7"},{"key":"9281_CR51","unstructured":"D. Derler, D. Slamanig, Fully-anonymous short dynamic group signatures without encryption. IACR Cryptology ePrint Archive, 2016:154, (2016)"},{"key":"9281_CR52","doi-asserted-by":"crossref","unstructured":"G. Fuchsbauer, R. Gay, Weakly secure equivalence-class signatures from standard assumptions, in M. Abdalla, editor, PKC 2018, LNCS. (Springer, 2018)","DOI":"10.1007\/978-3-319-76581-5_6"},{"key":"9281_CR53","doi-asserted-by":"crossref","unstructured":"G. Fuchsbauer, R. Gay, L. Kowalczyk, C. Orlandi, Access control encryption for equality, comparison, and more, in S. Fehr, editor, PKC\u00a02017, Part\u00a0II, volume 10175 of LNCS. (Springer, Heidelberg, 2017), pp. 88\u2013118","DOI":"10.1007\/978-3-662-54388-7_4"},{"key":"9281_CR54","doi-asserted-by":"crossref","unstructured":"G. Fuchsbauer, C. Hanser, C. Kamath, D. Slamanig, Practical round-optimal blind signatures in the standard model from weaker assumptions, in V. Zikas and R. De Prisco, editors, SCN 16, volume 9841 of LNCS. (Springer, Heidelberg, August\/September 2016), pp. 391\u2013408","DOI":"10.1007\/978-3-319-44618-9_21"},{"key":"9281_CR55","doi-asserted-by":"crossref","unstructured":"G. Fuchsbauer, C. Hanser, D. Slamanig, Practical round-optimal blind signatures in the standard model, in R. Gennaro and M.J.B. Robshaw, editors, CRYPTO\u00a02015, Part\u00a0II, volume 9216 of LNCS, pp. 233\u2013253. (Springer, Heidelberg, August 2015)","DOI":"10.1007\/978-3-662-48000-7_12"},{"key":"9281_CR56","doi-asserted-by":"crossref","unstructured":"E. Fujisaki, T. Okamoto, A practical and provably secure scheme for publicly verifiable secret sharing and its applications. In K. Nyberg, editor, EUROCRYPT\u201998, volume 1403 of LNCS. (Springer, Heidelberg, May\/June 1998), pp. 32\u201346","DOI":"10.1007\/BFb0054115"},{"key":"9281_CR57","doi-asserted-by":"crossref","unstructured":"D.M. Freeman, Improved security for linearly homomorphic signatures: A generic framework, in M. Fischlin, J. Buchmann, and M. Manulis, editors, PKC\u00a02012, volume 7293 of LNCS. (Springer, Heidelberg, May 2012), pp. 697\u2013714","DOI":"10.1007\/978-3-642-30057-8_41"},{"key":"9281_CR58","unstructured":"G. Fuchsbauer, Automorphic signatures in bilinear groups and an application to round-optimal blind signatures. Cryptology ePrint Archive, Report 2009\/320 (2009). http:\/\/eprint.iacr.org\/2009\/320 ."},{"key":"9281_CR59","doi-asserted-by":"crossref","unstructured":"G. Fuchsbauer, Commuting signatures and verifiable encryption, in K.G. Paterson, editor, EUROCRYPT\u00a02011, volume 6632 of LNCS. (Springer, Heidelberg, May 2011), pp. 224\u2013245","DOI":"10.1007\/978-3-642-20465-4_14"},{"key":"9281_CR60","unstructured":"G. Fuchsbauer, Breaking existential unforgeability of a signature scheme from asiacrypt 2014. Cryptology ePrint Archive, Report 2014\/892, (2014). http:\/\/eprint.iacr.org\/2014\/892"},{"key":"9281_CR61","doi-asserted-by":"crossref","unstructured":"E. Ghadafi, Short structure-preserving signatures, in K. Sako, editor, CT-RSA\u00a02016, volume 9610 of LNCS. (Springer, Heidelberg, February\u00a0\/\u00a0March 2016), pp. 305\u2013321","DOI":"10.1007\/978-3-319-29485-8_18"},{"key":"9281_CR62","doi-asserted-by":"crossref","unstructured":"S. Goldwasser, S. Micali, R.L. Rivest, A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17(2), 281\u2013308, (1988)","DOI":"10.1137\/0217017"},{"key":"9281_CR63","doi-asserted-by":"crossref","unstructured":"O. Goldreich, The Foundations of Cryptography - Volume 1, Basic Techniques. (Cambridge University Press, 2001)","DOI":"10.1017\/CBO9780511546891"},{"key":"9281_CR64","doi-asserted-by":"crossref","unstructured":"V. Goyal, Reducing trust in the PKG in identity based cryptosystems, in A. Menezes, editor, CRYPTO\u00a02007, volume 4622 of LNCS. (Springer, Heidelberg, August 2007), pp. 430\u2013447","DOI":"10.1007\/978-3-540-74143-5_24"},{"key":"9281_CR65","doi-asserted-by":"crossref","unstructured":"J. Groth, Short pairing-based non-interactive zero-knowledge arguments, in M. Abe, editor, ASIACRYPT\u00a02010, volume 6477 of LNCS. (Springer, Heidelberg, December 2010), pp. 321\u2013340","DOI":"10.1007\/978-3-642-17373-8_19"},{"key":"9281_CR66","doi-asserted-by":"crossref","unstructured":"J. Groth, Efficient fully structure-preserving signatures for large messages, in T. Iwata and J.H. Cheon, editors, ASIACRYPT\u00a02015, Part\u00a0I, volume 9452 of LNCS. (Springer, Heidelberg, November\u00a0\/\u00a0December 2015), pp. 239\u2013259","DOI":"10.1007\/978-3-662-48797-6_11"},{"key":"9281_CR67","doi-asserted-by":"crossref","unstructured":"J. Groth, A. Sahai, Efficient non-interactive proof systems for bilinear groups, in N.P. Smart, editor, EUROCRYPT\u00a02008, volume 4965 of LNCS. (Springer, Heidelberg, 2008), pp. 415\u2013432","DOI":"10.1007\/978-3-540-78967-3_24"},{"key":"9281_CR68","doi-asserted-by":"crossref","unstructured":"C. Hanser, M. Rabkin, D. Schr\u00f6der, Verifiably encrypted signatures: Security revisited and a new construction, in G. Pernul, P.Y.A. Ryan, and E.R. Weippl, editors, ESORICS\u00a02015, Part\u00a0I, volume 9326 of LNCS. (Springer, Heidelberg, September 2015), pp. 146\u2013164","DOI":"10.1007\/978-3-319-24174-6_8"},{"key":"9281_CR69","doi-asserted-by":"crossref","unstructured":"C. Hanser, D. Slamanig, Structure-preserving signatures on equivalence classes and their application to anonymous credentials, in P. Sarkar and T. Iwata, editors, ASIACRYPT\u00a02014, Part\u00a0I, volume 8873 of LNCS. (Springer, Heidelberg, December 2014), pp. 491\u2013511","DOI":"10.1007\/978-3-662-45611-8_26"},{"key":"9281_CR70","doi-asserted-by":"crossref","unstructured":"M. Izabach\u00e8ne, B. Libert, D. Vergnaud, Block-wise P-signatures and non-interactive anonymous credentials with efficient attributes, in L. Chen, editor, 13th IMA International Conference on Cryptography and Coding, volume 7089 of LNCS. (Springer, Heidelberg, December 2011), pp. 431\u2013450","DOI":"10.1007\/978-3-642-25516-8_26"},{"key":"9281_CR71","doi-asserted-by":"crossref","unstructured":"R. Johnson, D. Molnar, D.X. Song, D. Wagner, Homomorphic signature schemes, in B. Preneel, editor, CT-RSA\u00a02002, volume 2271 of LNCS. (Springer, Heidelberg, February 2002), pp. 244\u2013262","DOI":"10.1007\/3-540-45760-7_17"},{"key":"9281_CR72","doi-asserted-by":"crossref","unstructured":"C.S. Jutla, A. Roy, Improved structure preserving signatures under standard bilinear assumptions, in S. Fehr, editor, PKC\u00a02017, Part\u00a0II, volume 10175 of LNCS. (Springer, Heidelberg, March 2017), pp. 183\u2013209","DOI":"10.1007\/978-3-662-54388-7_7"},{"key":"9281_CR73","doi-asserted-by":"crossref","unstructured":"E. Kiltz, J. Pan, H. Wee, Structure-preserving signatures from standard assumptions, revisited, in R. Gennaro and M.J.B. Robshaw, editors, CRYPTO\u00a02015, Part\u00a0II, volume 9216 of LNCS. (Springer, Heidelberg, August 2015), pp. 275\u2013295","DOI":"10.1007\/978-3-662-48000-7_14"},{"key":"9281_CR74","doi-asserted-by":"crossref","unstructured":"A. Kate, G.M. Zaverucha, I. Goldberg, Constant-size commitments to polynomials and their applications, in M. Abe, editor, ASIACRYPT\u00a02010, volume 6477 of LNCS. (Springer, Heidelberg, December 2010), pp. 177\u2013194","DOI":"10.1007\/978-3-642-17373-8_11"},{"key":"9281_CR75","doi-asserted-by":"crossref","unstructured":"H. Lipmaa, Progression-free sets and sublinear pairing-based non-interactive zero-knowledge arguments, in R. Cramer, editor, TCC\u00a02012, volume 7194 of LNCS. (Springer, Heidelberg, March 2012), pp. 169\u2013189","DOI":"10.1007\/978-3-642-28914-9_10"},{"key":"9281_CR76","doi-asserted-by":"crossref","unstructured":"B. Libert, T. Peters, M. Joye, M. Yung, Linearly homomorphic structure-preserving signatures and their applications, in R. Canetti and J.A. Garay, editors, CRYPTO\u00a02013, Part\u00a0II, volume 8043 of LNCS. (Springer, Heidelberg, August 2013), pp. 289\u2013307","DOI":"10.1007\/978-3-642-40084-1_17"},{"key":"9281_CR77","doi-asserted-by":"crossref","unstructured":"A. Lysyanskaya, R.L. Rivest, A. Sahai, S. Wolf, Pseudonym systems, in H.M. Heys and C.M. Adams, editors, SAC 1999, volume 1758 of LNCS. (Springer, Heidelberg, August 1999), pp. 184\u2013199","DOI":"10.1007\/3-540-46513-8_14"},{"key":"9281_CR78","doi-asserted-by":"crossref","unstructured":"R.C. Merkle, A digital signature based on a conventional encryption function, in C. Pomerance, editor, CRYPTO\u201987, volume 293 of LNCS. (Springer, Heidelberg, August 1988), pp. 369\u2013378","DOI":"10.1007\/3-540-48184-2_32"},{"key":"9281_CR79","doi-asserted-by":"crossref","unstructured":"S. Micali, M.O. Rabin, J. Kilian, Zero-knowledge sets. In 44th FOCS. (IEEE Computer Society Press, October 2003), pp. 80\u201391","DOI":"10.1109\/SFCS.2003.1238183"},{"key":"9281_CR80","doi-asserted-by":"crossref","unstructured":"T.P. Pedersen, Non-interactive and information-theoretic secure verifiable secret sharing, in J. Feigenbaum, editor, CRYPTO\u201991, volume 576 of LNCS. (Springer, Heidelberg, 1992), pp. 129\u2013140","DOI":"10.1007\/3-540-46766-1_9"},{"key":"9281_CR81","doi-asserted-by":"crossref","unstructured":"D. Pointcheval, O. Sanders, Short randomizable signatures, in K. Sako, editor, CT-RSA\u00a02016, volume 9610 of LNCS. (Springer, Heidelberg, February\u00a0\/\u00a0March 2016), pp. 111\u2013126","DOI":"10.1007\/978-3-319-29485-8_7"},{"key":"9281_CR82","doi-asserted-by":"crossref","unstructured":"S. Ringers, E.R. Verheul, J.-H. Hoepman, An efficient self-blindable attribute-based credential scheme. IACR Cryptology ePrint Archive, 2017, 115, (2017). (to appear at Financial Crypto 2017)","DOI":"10.1007\/978-3-319-70972-7_1"},{"key":"9281_CR83","doi-asserted-by":"crossref","unstructured":"R. Steinfeld, L. Bull, Y. Zheng, Content extraction signatures, in K. Kim, editor, ICISC 01, volume 2288 of LNCS. (Springer, Heidelberg, December 2002), pp. 285\u2013304","DOI":"10.1007\/3-540-45861-1_22"},{"key":"9281_CR84","doi-asserted-by":"crossref","unstructured":"V. Shoup, Lower bounds for discrete logarithms and related problems, in W. Fumy, editor, EUROCRYPT\u201997, volume 1233 of LNCS. (Springer, Heidelberg, May 1997), pp. 256\u2013266","DOI":"10.1007\/3-540-69053-0_18"},{"key":"9281_CR85","doi-asserted-by":"crossref","unstructured":"A. Sudarsono, T. Nakanishi, N. Funabiki, Efficient proofs of attributes in pairing-based anonymous credential system, in Privacy Enhancing Technologies - 11th International Symposium, PETS 2011, Waterloo, ON, Canada, July 27-29, 2011. Proceedings, pp. 246\u2013263 (2011)","DOI":"10.1007\/978-3-642-22263-4_14"},{"key":"9281_CR86","doi-asserted-by":"crossref","unstructured":"E.R. Verheul, Self-blindable credential certificates from the Weil pairing, in C. Boyd, editor, ASIACRYPT\u00a02001, volume 2248 of LNCS. (Springer, Heidelberg, December 2001), pp. 533\u2013551","DOI":"10.1007\/3-540-45682-1_31"},{"key":"9281_CR87","doi-asserted-by":"crossref","unstructured":"B.R. Waters, Efficient identity-based encryption without random oracles, in R. Cramer, editor, EUROCRYPT\u00a02005, volume 3494 of LNCS. (Springer, Heidelberg, May 2005), pp. 114\u2013127","DOI":"10.1007\/11426639_7"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-018-9281-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-018-9281-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-018-9281-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,1]],"date-time":"2025-07-01T21:39:23Z","timestamp":1751405963000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-018-9281-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,2,15]]},"references-count":87,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2019,4]]}},"alternative-id":["9281"],"URL":"https:\/\/doi.org\/10.1007\/s00145-018-9281-4","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,2,15]]},"assertion":[{"value":"16 March 2016","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 February 2018","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"15 February 2018","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}