{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,15]],"date-time":"2026-04-15T23:45:16Z","timestamp":1776296716656,"version":"3.50.1"},"reference-count":50,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2018,8,8]],"date-time":"2018-08-08T00:00:00Z","timestamp":1533686400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2019,7]]},"DOI":"10.1007\/s00145-018-9300-5","type":"journal-article","created":{"date-parts":[[2018,8,8]],"date-time":"2018-08-08T16:43:43Z","timestamp":1533746623000},"page":"973-1025","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Efficient Fully Structure-Preserving Signatures and Shrinking Commitments"],"prefix":"10.1007","volume":"32","author":[{"given":"Masayuki","family":"Abe","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jens","family":"Groth","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Markulf","family":"Kohlweiss","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Miyako","family":"Ohkubo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mehdi","family":"Tibouchi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,8,8]]},"reference":[{"key":"9300_CR1","unstructured":"M. Abe, J. Camenisch, R. Dowsley, M. Dubovitskaya, On the impossibility of structure-preserving deterministic primitives, in Proceedings of Theory of Cryptography\u201411th Theory of Cryptography Conference, TCC 2014, San Diego, CA, USA, February 24\u201326, 2014 (2014), pp. 713\u2013738"},{"issue":"4","key":"9300_CR2","doi-asserted-by":"publisher","first-page":"833","DOI":"10.1007\/s00145-015-9211-7","volume":"29","author":"M Abe","year":"2016","unstructured":"M. Abe, M. Chase, B. David, M. Kohlweiss, R. Nishimaki, M. Ohkubo, Constant-size structure-preserving signatures: Generic constructions and simple assumptions. J. Cryptology 29(4), 833\u2013878 (2016)","journal-title":"J. Cryptol."},{"issue":"2","key":"9300_CR3","doi-asserted-by":"publisher","first-page":"363","DOI":"10.1007\/s00145-014-9196-7","volume":"29","author":"M Abe","year":"2016","unstructured":"M. Abe, G. Fuchsbauer, J. Groth, K. Haralambiev, M. Ohkubo, Structure-preserving signatures and commitments to group elements. J. Cryptology 29(2), 363\u2013421 (2016)","journal-title":"J. Cryptol."},{"key":"9300_CR4","doi-asserted-by":"crossref","unstructured":"M. Abe, J. Groth, K. Haralambiev, M. Ohkubo. Optimal structure-preserving signatures in asymmetric bilinear groups, in Advances in Cryptology\u2014CRYPTO 2011, volume 6841 of LNCS (Springer, 2011), pp. 649\u2013666","DOI":"10.1007\/978-3-642-22792-9_37"},{"key":"9300_CR5","doi-asserted-by":"crossref","unstructured":"M. Abe, J. Groth, M. Ohkubo, Separating short structure-preserving signatures from non-interactive assumptions, in Advances in Cryptology\u2014ASIACRYPT 2011, volume 7073 of LNCS (Springer, 2011), pp. 628\u2013646","DOI":"10.1007\/978-3-642-25385-0_34"},{"key":"9300_CR6","doi-asserted-by":"crossref","unstructured":"M. Abe, J. Groth, M. Ohkubo, M. Tibouchi, Structure-preserving signatures from type II pairings, in J. A. Garay, R. Gennaro, editors, Advances in Cryptology\u2014CRYPTO 2014 - 34th Annual Cryptology Conference, Santa Barbara, CA, USA, August 17\u201321, 2014, Proceedings, Part I, volume 8616 of Lecture Notes in Computer Science (Springer, 2014), pp. 390\u2013407","DOI":"10.1007\/978-3-662-44371-2_22"},{"key":"9300_CR7","doi-asserted-by":"crossref","unstructured":"M. Abe, J. Groth, M. Ohkubo, M. Tibouchi, Unified, minimal and selectively randomizable structure-preserving signatures, in Theory of Cryptography\u201411th Theory of Cryptography Conference, volume 8349 of LNCS (Springer, 2014), pp. 688\u2013712","DOI":"10.1007\/978-3-642-54242-8_29"},{"key":"9300_CR8","doi-asserted-by":"crossref","unstructured":"M. Abe, K. Haralambiev, M. Ohkubo, Group to group commitments do not shrink, in D. Pointcheval, T. Johansson, editors, EUROCRYPT 2012, volume 7237 of LNCS (Springer, 2012), pp. 301\u2013317","DOI":"10.1007\/978-3-642-29011-4_19"},{"key":"9300_CR9","unstructured":"M. Abe, M. Kohlweiss, M. Ohkubo, M. Tibouchi, Fully structure-preserving signatures and shrinking commitments, in Advances in Cryptology\u2014EUROCRYPT 2015\u201434th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26\u201430, 2015, Proceedings, Part II (2015), pp. 35\u201365"},{"key":"9300_CR10","unstructured":"M. Abe, M. Kohlweiss, M. Ohkubo, M. Tibouchi, Fully structure-preserving signatures and shrinking commitments. IACR ePrint Archive, Report 2015\/076 (2015). http:\/\/eprint.iacr.org\/2015\/076 . Accessed 2 Feb 2015"},{"issue":"3","key":"9300_CR11","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1504\/IJACT.2012.045581","volume":"2","author":"M Abe","year":"2012","unstructured":"M. Abe, M. Ohkubo, A framework for universally composable non-committing blind signatures. IJACT 2(3), 229\u2013249 (2012)","journal-title":"IJACT"},{"key":"9300_CR12","doi-asserted-by":"crossref","unstructured":"G. Barthe, E. Fagerholm, D. Fiore, A. Scedrov, B. Schmidt, M. Tibouchi, Strongly-optimal structure preserving signatures from type II pairings: synthesis and lower bounds, in J. Katz, editor, PKC 2015, Lecture Notes in Computer Science (Springer, 2015) to appear","DOI":"10.1007\/978-3-662-46447-2_16"},{"key":"9300_CR13","doi-asserted-by":"crossref","unstructured":"M. Belenkiy, J. Camenisch, M. Chase, M. Kohlweiss, A. Lysyanskaya, H. Shacham, Randomizable proofs and delegatable anonymous credentials, in S. Halevi, editor, Advances in Cryptology\u2014CRYPTO, volume 5677 of LNCS (Springer, 2009), pp. 108\u2013125","DOI":"10.1007\/978-3-642-03356-8_7"},{"key":"9300_CR14","doi-asserted-by":"crossref","unstructured":"M. Bellare, A. Palacio, The knowledge-of-exponent assumptions and 3-round zero-knowledge protocols, in M. K. Franklin, editor, CRYPTO, volume 3152 of LNCS (Springer, 2004), pp. 273\u2013289","DOI":"10.1007\/978-3-540-28628-8_17"},{"key":"9300_CR15","unstructured":"M. Bellare, H. Shi, C. Zhang, Foundations of group signatures: The case of dynamic groups, in Topics in Cryptology\u2014CT-RSA 2005, The Cryptographers\u2019 Track at the RSA Conference 2005, San Francisco, CA, USA, February 14\u201318, 2005, Proceedings (2005), pp. 136\u2013153"},{"key":"9300_CR16","unstructured":"M. Bellare, S. Shoup, Two-tier signatures, strongly unforgeable signatures, and Fiat-Shamir without random oracles, in Public-Key Cryptography, volume 4450 of LNCS (2007), pp. 201\u2013216"},{"issue":"1","key":"9300_CR17","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1007\/s00145-007-9011-9","volume":"22","author":"A Bender","year":"2009","unstructured":"A. Bender, J. Katz, R. Morselli, Ring signatures: Stronger definitions, and constructions without random oracles. J. Cryptology 22(1), 114\u2013138 (2009)","journal-title":"J. Cryptol."},{"issue":"2","key":"9300_CR18","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1007\/s00145-007-9005-7","volume":"21","author":"D Boneh","year":"2008","unstructured":"D. Boneh, X. Boyen, Short signatures without random oracles and the sdh assumption in bilinear groups. J. Cryptology 21(2), 149\u2013177 (2008)","journal-title":"J. Cryptol."},{"key":"9300_CR19","unstructured":"D. Boneh, X. Boyen, E. Goh, Hierarchical identity based encryption with constant size ciphertext. in Advances in Cryptology\u2014EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22\u201326, 2005, Proceedings (2005), pp. 440\u2013456"},{"key":"9300_CR20","doi-asserted-by":"crossref","unstructured":"J. Camenisch, N. Chandran, V. Shoup, A public key encryption scheme secure against key dependent chosen plaintext and adaptive chosen ciphertext attacks, in A. Joux, editor, Advances in Cryptology\u2014EUROCRYPT 2009, 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cologne, Germany, April 26\u201330, 2009. Proceedings, volume 5479 of Lecture Notes in Computer Science (Springer, 2009), pp. 351\u2013368","DOI":"10.1007\/978-3-642-01001-9_20"},{"key":"9300_CR21","doi-asserted-by":"crossref","unstructured":"J. Camenisch, M. Dubovitskaya, K. Haralambiev, M. Kohlweiss, Composable and modular anonymous credentials: Definitions and practical constructions. in T. Iwata and J. H. Cheon, editors, Advances in Cryptology\u2014ASIACRYPT 2015\u201421st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29\u2013December 3, 2015, Proceedings, Part II, volume 9453 of Lecture Notes in Computer Science (Springer, 2015), pp. 262\u2013288","DOI":"10.1007\/978-3-662-48800-3_11"},{"key":"9300_CR22","doi-asserted-by":"crossref","unstructured":"J. Camenisch, K. Haralambiev, M. Kohlweiss, J. Lapon, V. Naessens, Structure preserving CCA secure encryption and applications. in D. H. Lee and X. Wang, editors, Advances in Cryptology - ASIACRYPT 2011 - 17th International Conference on the Theory and Application of Cryptology and Information Security, Seoul, South Korea, December 4-8, 2011. Proceedings, volume 7073 of Lecture Notes in Computer Science (Springer, 2011), pp. 89\u2013106","DOI":"10.1007\/978-3-642-25385-0_5"},{"key":"9300_CR23","unstructured":"J. Camenisch, S. Krenn, V. Shoup, A framework for practical universally composable zero-knowledge protocols, in Advances in Cryptology\u2014ASIACRYPT 2011\u201417th International Conference on the Theory and Application of Cryptology and Information Security, Seoul, South Korea, December 4\u20138, 2011. Proceedings (2011), pp. 449\u2013467"},{"key":"9300_CR24","unstructured":"J. Camenisch, A. Lysyanskaya, An efficient system for non-transferable anonymous credentials with optional anonymity revocation, in Advances in Cryptology\u2014EUROCRYPT 2001, International Conference on the Theory and Application of Cryptographic Techniques, Innsbruck, Austria, May 6\u201310, 2001, Proceeding (2001), pp. 93\u2013118"},{"key":"9300_CR25","doi-asserted-by":"crossref","unstructured":"D. Catalano, M. D. Raimondo, D. Fiore, R. Gennaro, Off-line\/on-line signatures: Theoretical aspects and experimental results. in Public Key Cryptography\u2014PKC 2008, 11th International Workshop on Practice and Theory in Public-Key Cryptography, Barcelona, Spain, March 9\u201312, 2008. Proceedings, volume 4939 of LNCS (Springer, 2008), pp. 101\u2013120","DOI":"10.1007\/978-3-540-78440-1_7"},{"key":"9300_CR26","doi-asserted-by":"crossref","unstructured":"M. Chase, M. Kohlweiss, A. Lysyanskaya, S. Meiklejohn, Malleable signatures: New definitions and delegatable anonymous credentials, in 2013 IEEE 27th Computer Security Foundations Symposium (2014)","DOI":"10.1109\/CSF.2014.22"},{"key":"9300_CR27","unstructured":"S. Chatterjee, A. Menezes, Type 2 structure-preserving signature schemes revisited. IACR ePrint Archive, Report 2014\/635 (2014). http:\/\/eprint.iacr.org\/2014\/635 . Accessed 10 Sept 2015."},{"key":"9300_CR28","doi-asserted-by":"crossref","unstructured":"I. Damg\u00e5rd, J. Groth, Non-interactive and reusable non-malleable commitment schemes, in L. L. Larmore and M. X. Goemans, editors, Proceedings of the 35th Annual ACM Symposium on Theory of Computing, June 9\u201311, 2003, San Diego, CA, USA (ACM, 2003), pp. 426\u2013437","DOI":"10.1145\/780542.780605"},{"key":"9300_CR29","unstructured":"A. Escala, J. Groth, Fine-tuning groth-sahai proofs, in Public-Key Cryptography\u2014PKC 2014\u201417th International Conference on Practice and Theory in Public-Key Cryptography, Buenos Aires, Argentina, March 26\u201328, 2014. Proceedings (2014), pp. 630\u2013649"},{"issue":"1","key":"9300_CR30","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1007\/BF02254791","volume":"9","author":"S Even","year":"1996","unstructured":"S. Even, O. Goldreich, S. Micali, On-line\/off-line digital signatures. J. Cryptology 9(1), 35\u201367 (1996)","journal-title":"J. Cryptol."},{"key":"9300_CR31","doi-asserted-by":"crossref","unstructured":"M. Fischlin, Communication-efficient non-interactive proofs of knowledge with online extractors, in V. Shoup, editor, Advances in Cryptology\u2014CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14\u201318, 2005, Proceedings, volume 3621 of Lecture Notes in Computer Science (Springer, 2005), pp. 152\u2013168","DOI":"10.1007\/11535218_10"},{"key":"9300_CR32","unstructured":"G. Fuchsbauer, Commuting signatures and verifiable encryption, in Advances in Cryptology\u2014EUROCRYPT 2011\u201430th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, Estonia, May 15\u201319, 2011. Proceedings (2011), pp. 224\u2013245"},{"key":"9300_CR33","unstructured":"G. Fuchsbauer, C. Hanser, D. Slamanig, Structure-preserving signatures on equivalence classes and constant-size anonymous credentials. Cryptology ePrint Archive, Report 2014\/944 (2014). http:\/\/eprint.iacr.org\/2014\/944 . Accessed 20 Mar 2016"},{"issue":"16","key":"9300_CR34","doi-asserted-by":"publisher","first-page":"3113","DOI":"10.1016\/j.dam.2007.12.010","volume":"156","author":"SD Galbraith","year":"2008","unstructured":"S. D. Galbraith, K. G. Paterson, N. P. Smart, Pairings for cryptographers. Discrete Applied Mathematics 156(16), 3113\u20133121 (2008)","journal-title":"Discrete Appl. Math."},{"issue":"2","key":"9300_CR35","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1137\/0217017","volume":"17","author":"S Goldwasser","year":"1988","unstructured":"S. Goldwasser, S. Micali, R. Rivest, A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing. 17(2), 281\u2013308 (April 1988)","journal-title":"SIAM J. Comput."},{"key":"9300_CR36","unstructured":"J. Groth, Fully anonymous group signatures without random oracles, in Advances in Cryptology\u2014ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2\u20136, 2007, Proceedings (2007), pp. 164\u2013180"},{"key":"9300_CR37","unstructured":"J. Groth, Efficient fully structure-preserving signatures for large messages, in Advances in Cryptology\u2014ASIACRYPT 2015\u201421st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29\u2013December 3, 2015, Proceedings, Part I (2015), pp. 239\u2013259"},{"issue":"5","key":"9300_CR38","doi-asserted-by":"publisher","first-page":"1193","DOI":"10.1137\/080725386","volume":"41","author":"J Groth","year":"2012","unstructured":"J. Groth, A. Sahai, Efficient noninteractive proof systems for bilinear groups. SIAM J. Comput. 41(5), 1193\u20131232 (2012)","journal-title":"SIAM J. Comput."},{"key":"9300_CR39","doi-asserted-by":"crossref","unstructured":"S. Hada, T. Tanaka, On the existence of 3-round zero-knowledge protocols, in H. Krawczyk, editor, Advances in Cryptology\u2014CRYPTO \u201998, volume 1462 of LNCS (Springer, 1998), pp. 354\u2013369. Full version available from IACR e-print archive 1999\/009","DOI":"10.1007\/BFb0055744"},{"key":"9300_CR40","unstructured":"T. Jager, F. Kohlar, S. Sch\u00e4ge, J. Schwenk, Generic compilers for authenticated key exchange, in Advances in Cryptology\u2014ASIACRYPT 2010\u201416th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 5\u20139, 2010. Proceedings (2010), pp. 232\u2013249"},{"key":"9300_CR41","doi-asserted-by":"crossref","unstructured":"B. Libert, T. Peters, M. Joye, M. Yung, Linearly homomorphic structure-preserving signatures and their applications, in R. Canetti and J. Garay, editors, Advances in Cryptology\u2014CRYPTO, LNCS (Springer, 2013)","DOI":"10.1007\/978-3-642-40084-1_17"},{"key":"9300_CR42","unstructured":"U. M. Maurer, Abstract models of computation in cryptography, in N. P. Smart, editor, Cryptography and Coding, 10th IMA International Conference, Cirencester, UK, December 19\u201321, 2005, Proceedings, volume 3796 of Lecture Notes in Computer Science (Springer, 2005), pp. 1\u201312"},{"key":"9300_CR43","unstructured":"S. Meiklejohn, An extension of the Groth-Sahai proof system, in Brown University Masters thesis (2009)"},{"key":"9300_CR44","unstructured":"S. Micali, K. Ohta, L. Reyzin, Accountable-subgroup multisignatures: extended abstract, in CCS 2001, Proceedings of the 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, USA, November 6\u20138, 2001 (2001), pp. 245\u2013254"},{"issue":"2","key":"9300_CR45","first-page":"91","volume":"55","author":"VI Nechaev","year":"1994","unstructured":"V. I. Nechaev, Complexity of a determinate algorithm for the discrete logarithm. Mat. Zametki 55(2), 91\u2013101 (1994)","journal-title":"Mat. Zametki"},{"key":"9300_CR46","unstructured":"T. Ristenpart, S. Yilek, The power of proofs-of-possession: Securing multiparty signatures against rogue-key attacks, in Advances in Cryptology\u2014EUROCRYPT 2007, 26th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Barcelona, Spain, May 20\u201324, 2007, Proceedings (2007), pp. 228\u2013245"},{"key":"9300_CR47","unstructured":"R. L. Rivest, A. Shamir, Y. Tauman, How to leak a secret, in Advances in Cryptology\u2014ASIACRYPT 2001, 7th International Conference on the Theory and Application of Cryptology and Information Security, Gold Coast, Australia, December 9\u201313, 2001, Proceedings (2001), pp. 552\u2013565"},{"key":"9300_CR48","unstructured":"V. Shoup, Lower bounds for discrete logarithms and related problems, in EUROCRYPT, volume 1233 of LNCS (1997), pp. 256\u2013266"},{"issue":"4","key":"9300_CR49","doi-asserted-by":"publisher","first-page":"538","DOI":"10.1016\/j.dam.2006.07.004","volume":"155","author":"N Smart","year":"2007","unstructured":"N. Smart, F. Vercauteren, On computable isomorphisms in efficient asymmetric pairing-based systems. Discrete Applied Mathematics 155(4), 538 \u2013 547 (2007)","journal-title":"Discrete Appl. Math."},{"key":"9300_CR50","unstructured":"Y. Wang, Z. Zhang, T. Matsuda, G. Hanaoka, K. Tanaka, How to obtain fully structure-preserving (automorphic) signatures from structure-preserving ones. in J. H. Cheon and T. Takagi, editors, Advances in Cryptology\u2014ASIACRYPT 2016\u201422nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, Vietnam, December 4\u20138, 2016, Proceedings, Part II, volume 10032 of Lecture Notes in Computer Science (2016), pp. 465\u2013495"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-018-9300-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-018-9300-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-018-9300-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,4]],"date-time":"2023-09-04T07:06:20Z","timestamp":1693811180000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-018-9300-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,8,8]]},"references-count":50,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2019,7]]}},"alternative-id":["9300"],"URL":"https:\/\/doi.org\/10.1007\/s00145-018-9300-5","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,8,8]]},"assertion":[{"value":"31 August 2016","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 April 2018","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 August 2018","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}