{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,20]],"date-time":"2026-04-20T06:20:08Z","timestamp":1776666008683,"version":"3.51.2"},"reference-count":43,"publisher":"Springer Science and Business Media LLC","issue":"11","license":[{"start":{"date-parts":[[2018,2,2]],"date-time":"2018-02-02T00:00:00Z","timestamp":1517529600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/100010669","name":"H2020 LEIT Information and Communication Technologies","doi-asserted-by":"publisher","award":["644962"],"award-info":[{"award-number":["644962"]}],"id":[{"id":"10.13039\/100010669","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Des. Codes Cryptogr."],"published-print":{"date-parts":[[2018,11]]},"DOI":"10.1007\/s10623-018-0460-y","type":"journal-article","created":{"date-parts":[[2018,2,2]],"date-time":"2018-02-02T02:50:35Z","timestamp":1517539835000},"page":"2525-2547","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["Practical witness encryption for algebraic languages or how to encrypt under Groth\u2013Sahai proofs"],"prefix":"10.1007","volume":"86","author":[{"given":"David","family":"Derler","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daniel","family":"Slamanig","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,2,2]]},"reference":[{"key":"460_CR1","unstructured":"Abdalla M., Chevalier C., Pointcheval D.: Smooth projective hashing for conditionally extractable commitments. In: Advances in Cryptology\u2014CRYPTO 2009, 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16\u201320, 2009. Proceedings, pp. 671\u2013689 (2009)."},{"key":"460_CR2","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-662-46803-6_3","volume-title":"Advances in Cryptology - EUROCRYPT 2015","author":"Michel Abdalla","year":"2015","unstructured":"Abdalla M., Benhamouda F., Pointcheval D.: Disjunctions for hash proof systems: new constructions and applications. In: Advances in Cryptology\u2014EUROCRYPT 2015\u201434th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26\u201330, 2015, Proceedings, Part II, pp. 69\u2013100 (2015). \n                    https:\/\/doi.org\/10.1007\/978-3-662-46803-6_3\n                    \n                  ."},{"key":"460_CR3","doi-asserted-by":"publisher","first-page":"285","DOI":"10.1007\/978-3-319-39555-5_16","volume-title":"Applied Cryptography and Network Security","author":"Hamza Abusalah","year":"2016","unstructured":"Abusalah H., Fuchsbauer G., Pietrzak K.: Offline witness encryption. In: Applied Cryptography and Network Security\u201414th International Conference, ACNS 2016, Guildford, UK, June 19\u201322, 2016. Proceedings, pp. 285\u2013303 (2016). \n                    https:\/\/doi.org\/10.1007\/978-3-319-39555-5_16\n                    \n                  ."},{"key":"460_CR4","doi-asserted-by":"crossref","unstructured":"Akinyele J.A., Garman C., Hohenberger S.: Automating fast and secure translations from type-I to type-III pairing schemes. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12\u20136, 2015, pp. 1370\u20131381 (2015)","DOI":"10.1145\/2810103.2813601"},{"key":"460_CR5","first-page":"704","volume":"2013","author":"M Bellare","year":"2013","unstructured":"Bellare M., Hoang V.T.: Adaptive witness encryption and asymmetric password-based cryptography. IACR Cryptol. ePrint Arch. 2013, 704 (2013).","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"460_CR6","doi-asserted-by":"publisher","first-page":"520","DOI":"10.1007\/978-3-642-54631-0_30","volume-title":"Public-Key Cryptography \u2013 PKC 2014","author":"Mihir Bellare","year":"2014","unstructured":"Bellare M., Fuchsbauer G.: Policy-based signatures. In: Public-Key Cryptography\u2014PKC 2014\u201417th International Conference on Practice and Theory in Public-Key Cryptography, Buenos Aires, Argentina, March 26\u201328, 2014, Proceedings, pp. 520\u2013537 (2014). \n                    https:\/\/doi.org\/10.1007\/978-3-642-54631-0_30\n                    \n                  ."},{"key":"460_CR7","unstructured":"Bellare M., Hoang V.T.: Adaptive witness encryption and asymmetric password-based cryptography. In: Public-Key Cryptography\u2014PKC 2015\u201418th IACR International Conference on Practice and Theory in Public-Key Cryptography, Gaithersburg, MD, USA, March 30\u2013April 1, 2015, Proceedings, pp. 308\u2013331 (2015)."},{"key":"460_CR8","unstructured":"Benhamouda F., Blazy O., Chevalier C., Pointcheval D., Vergnaud D.: Efficient UC-secure authenticated key-exchange for algebraic languages. In: PKC. LNCS, vol. 7778, pp. 272\u2013291. Springer (2013)."},{"key":"460_CR9","doi-asserted-by":"crossref","unstructured":"Benhamouda F., Blazy O., Chevalier C., Pointcheval D., Vergnaud D.: New techniques for SPHFs and efficient one-round PAKE protocols. In: Advances in Cryptology\u2014CRYPTO 2013\u201433rd Annual Cryptology Conference, Santa Barbara, CA, USA, August 18\u201322, 2013, Proceedings, Part I, pp. 449\u2013475 (2013).","DOI":"10.1007\/978-3-642-40041-4_25"},{"key":"460_CR10","doi-asserted-by":"publisher","first-page":"339","DOI":"10.1007\/978-3-662-53890-6_12","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"Olivier Blazy","year":"2016","unstructured":"Blazy O., Chevalier C.: Structure-preserving smooth projective hashing. In: Advances in Cryptology\u2014ASIACRYPT 2016\u201422nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, Vietnam, December 4\u20138, 2016, Proceedings, Part II, pp. 339\u2013369 (2016). \n                    https:\/\/doi.org\/10.1007\/978-3-662-53890-6_12\n                    \n                  ."},{"key":"460_CR11","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1007\/3-540-44647-8_13","volume-title":"Advances in Cryptology \u2014 CRYPTO 2001","author":"Dan Boneh","year":"2001","unstructured":"Boneh D., Franklin M.K.: Identity-based encryption from the weil pairing. In: Advances in Cryptology\u2014CRYPTO 2001, 21st Annual International Cryptology Conference, pp. 213\u2013229 (2001)."},{"key":"460_CR12","unstructured":"Boneh D., Boyen X., Shacham H.: Short group signatures. In: Advances in Cryptology\u2014CRYPTO 2004, 24th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 15\u201319, 2004, Proceedings, pp. 41\u201355 (2004)."},{"key":"460_CR13","doi-asserted-by":"crossref","unstructured":"Canetti R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd Annual Symposium on Foundations of Computer Science, FOCS 2001, 14\u201317 October 2001, Las Vegas, NV, USA, pp. 136\u2013145 (2001).","DOI":"10.1109\/SFCS.2001.959888"},{"key":"460_CR14","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1007\/978-3-319-10879-7_8","volume-title":"Lecture Notes in Computer Science","author":"Yu Chen","year":"2014","unstructured":"Chen Y., Zhang Z.: Publicly evaluable pseudorandom functions and their applications. In: Security and Cryptography for Networks\u20149th International Conference, SCN 2014, Amalfi, Italy, September 3\u20135, 2014, Proceedings, pp. 115\u2013134 (2014). \n                    https:\/\/doi.org\/10.1007\/978-3-319-10879-7_8\n                    \n                  ."},{"key":"460_CR15","unstructured":"Chevalier C., Fouque P., Pointcheval D., Zimmer S.: Optimal randomness extraction from a Diffie-Hellman element. In: Advances in Cryptology\u2014EUROCRYPT 2009, 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cologne, Germany, April 26\u201330, 2009, Proceedings, pp. 572\u2013589 (2009)."},{"key":"460_CR16","unstructured":"Cramer R., Shoup V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Advances in Cryptology\u2014CRYPTO \u201998, 18th Annual International Cryptology Conference, Santa Barbara, California, USA, August 23\u201327, 1998, Proceedings, pp. 13\u201325 (1998)."},{"key":"460_CR17","unstructured":"Cramer R., Shoup V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: Advances in Cryptology\u2014EUROCRYPT 2002, International Conference on the Theory and Applications of Cryptographic Techniques, Amsterdam, The Netherlands, April 28\u2013May 2, 2002, Proceedings, pp. 45\u201364 (2002)."},{"key":"460_CR18","doi-asserted-by":"crossref","unstructured":"Crescenzo G.D., Ostrovsky R., Rajagopalan S.: Conditional oblivious transfer and timed-release encryption. In: Advances in Cryptology\u2014EUROCRYPT \u201999, International Conference on the Theory and Application of Cryptographic Techniques, Prague, Czech Republic, May 2\u20136, 1999, Proceeding, pp. 74\u201389 (1999).","DOI":"10.1007\/3-540-48910-X_6"},{"key":"460_CR19","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-642-40084-1_8","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"Alex Escala","year":"2013","unstructured":"Escala A., Herold G., Kiltz E., R\u00e0fols C., Villar J.L.: An algebraic framework for Diffie-Hellman assumptions. In: Advances in Cryptology\u2014CRYPTO 2013\u201433rd Annual Cryptology Conference, Santa Barbara, CA, USA, August 18\u201322, 2013, Proceedings, Part II, pp. 129\u2013147 (2013). \n                    https:\/\/doi.org\/10.1007\/978-3-642-40084-1_8\n                    \n                  ."},{"key":"460_CR20","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1007\/978-3-662-54365-8_6","volume-title":"Lecture Notes in Computer Science","author":"Antonio Faonio","year":"2017","unstructured":"Faonio A., Nielsen J.B., Venturi D.: Predictable arguments of knowledge. In: Public-Key Cryptography\u2014PKC 2017\u201420th IACR International Conference on Practice and Theory in Public-Key Cryptography, Amsterdam, The Netherlands, March 28\u201331, 2017, Proceedings, Part I, pp. 121\u2013150 (2017). \n                    https:\/\/doi.org\/10.1007\/978-3-662-54365-8_6\n                    \n                  ."},{"key":"460_CR21","doi-asserted-by":"crossref","unstructured":"Garg S., Gentry C., Halevi S., Raykova M., Sahai A., Waters B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: 54th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2013, 26\u201329 October, 2013, Berkeley, CA, USA, pp. 40\u201349 (2013).","DOI":"10.1109\/FOCS.2013.13"},{"key":"460_CR22","doi-asserted-by":"crossref","unstructured":"Garg S., Gentry C., Sahai A., Waters B.: Witness encryption and its applications. In: Symposium on Theory of Computing Conference, STOC\u201913, Palo Alto, CA, USA, June 1\u20134, 2013, pp. 467\u2013476 (2013).","DOI":"10.1145\/2488608.2488667"},{"key":"460_CR23","doi-asserted-by":"crossref","unstructured":"Garg S., Gentry C., Halevi S., Wichs D.: On the implausibility of differing-inputs obfuscation and extractable witness encryption with auxiliary input. In: Advances in Cryptology\u2014CRYPTO 2014\u201434th Annual Cryptology Conference, Santa Barbara, CA, USA, August 17\u201321, 2014, Proceedings, Part I, pp. 518\u2013535 (2014).","DOI":"10.1007\/978-3-662-44371-2_29"},{"issue":"2","key":"460_CR24","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1145\/1151414.1151418","volume":"9","author":"Rosario Gennaro","year":"2006","unstructured":"Gennaro R., Lindell Y.: A framework for password-based authenticated key exchange 1. ACM Trans. Inf. Syst. Secur. 9(2), 181\u2013234 (2006). \n                    https:\/\/doi.org\/10.1145\/1151414.1151418\n                    \n                  .","journal-title":"ACM Transactions on Information and System Security"},{"key":"460_CR25","doi-asserted-by":"crossref","unstructured":"Gentry C., Lewko A.B., Waters B.: Witness encryption from instance independent assumptions. In: Advances in Cryptology\u2014CRYPTO 2014\u201434th Annual Cryptology Conference, Santa Barbara, CA, USA, August 17\u201321, 2014, Proceedings, Part I, pp. 426\u2013443 (2014).","DOI":"10.1007\/978-3-662-44371-2_24"},{"issue":"2","key":"460_CR26","doi-asserted-by":"publisher","first-page":"270","DOI":"10.1016\/0022-0000(84)90070-9","volume":"28","author":"S Goldwasser","year":"1984","unstructured":"Goldwasser S., Micali S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270\u2013299 (1984).","journal-title":"J. Comput. Syst. Sci."},{"key":"460_CR27","doi-asserted-by":"crossref","unstructured":"Goldwasser S., Kalai Y.T., Popa R.A., Vaikuntanathan V., Zeldovich N.: How to run turing machines on encrypted data. In: Advances in Cryptology\u2014CRYPTO 2013\u201433rd Annual Cryptology Conference, Santa Barbara, CA, USA, August 18\u201322, 2013. Proceedings, Part II, pp. 536\u2013553 (2013).","DOI":"10.1007\/978-3-642-40084-1_30"},{"key":"460_CR28","unstructured":"Groth J., Sahai A.: Efficient non-interactive proof systems for bilinear groups. Cryptology ePrint Arch., Report 2007\/155 (2007)."},{"key":"460_CR29","doi-asserted-by":"crossref","unstructured":"Groth J., Sahai A.: Efficient non-interactive proof systems for bilinear groups. In: Advances in Cryptology\u2014EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 415\u2013432 (2008).","DOI":"10.1007\/978-3-540-78967-3_24"},{"issue":"4","key":"460_CR30","doi-asserted-by":"publisher","first-page":"1364","DOI":"10.1137\/S0097539793244708","volume":"28","author":"J H\u00e5stad","year":"1999","unstructured":"H\u00e5stad J., Impagliazzo R., Levin L.A., Luby M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364\u20131396 (1999).","journal-title":"SIAM J. Comput."},{"key":"460_CR31","first-page":"478","volume":"2015","author":"T Jager","year":"2015","unstructured":"Jager T.: How to build time-lock encryption. IACR Cryptol. ePrint Arch. 2015, 478 (2015).","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"460_CR32","unstructured":"Jarecki S.: Practical covert authentication. In: Public-Key Cryptography\u2014PKC 2014\u201417th International Conference on Practice and Theory in Public-Key Cryptography, Buenos Aires, Argentina, March 26\u201328, 2014, Proceedings, pp. 611\u2013629 (2014)."},{"key":"460_CR33","unstructured":"Jarecki S., Liu X.: Private mutual authentication and conditional oblivious transfer. In: Advances in Cryptology\u2014CRYPTO 2009, 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16\u201320, 2009, Proceedings, pp. 90\u2013107 (2009)."},{"key":"460_CR34","doi-asserted-by":"publisher","DOI":"10.1201\/9781420010756","volume-title":"Introduction to modern cryptography","author":"J Katz","year":"2007","unstructured":"Katz J., Lindell Y.: Introduction to modern cryptography. Chapman and Hall\/CRC Press, Boca Raton (2007)."},{"key":"460_CR35","unstructured":"Katz J., Vaikuntanathan V.: Round-optimal password-based authenticated key exchange. In: Theory of Cryptography\u20148th Theory of Cryptography Conference, TCC 2011, Providence, RI, USA, March 28\u201330, 2011, Proceedings, pp. 293\u2013310 (2011)."},{"key":"460_CR36","doi-asserted-by":"crossref","unstructured":"Kiayias A., Tsiounis Y., Yung M.: Group encryption. In: Advances in Cryptology\u2014ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, pp. 181\u2013199 (2007).","DOI":"10.1007\/978-3-540-76900-2_11"},{"key":"460_CR37","doi-asserted-by":"publisher","first-page":"590","DOI":"10.1007\/978-3-642-01001-9_34","volume-title":"Advances in Cryptology - EUROCRYPT 2009","author":"Eike Kiltz","year":"2009","unstructured":"Kiltz E., Pietrzak K., Stam M., Yung M.: A new randomness extraction paradigm for hybrid encryption. In: Advances in Cryptology\u2014EUROCRYPT 2009, 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 590\u2013609 (2009)."},{"key":"460_CR38","unstructured":"Kurosawa K., Desmedt Y.: A new paradigm of hybrid encryption scheme. In: Advances in Cryptology\u2014CRYPTO 2004, 24th Annual International Cryptology Conference, Santa Barbara, California, USA, August 15\u201319, 2004, Proceedings, pp. 426\u2013442 (2004)."},{"key":"460_CR39","first-page":"2016","volume":"482","author":"J Liu","year":"2015","unstructured":"Liu J., Kakvi S.A., Warinschi B.: Extractable witness encryption and timed-release encryption from bitcoin. IACR Cryptol. ePrint Arch. 482, 2016 (2015).","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"460_CR40","volume-title":"Time-Lock Puzzles and Timed-Release Crypto","author":"RL Rivest","year":"1996","unstructured":"Rivest R.L., Shamir A., Wagner D.A.: Time-Lock Puzzles and Timed-Release Crypto. Technical Report. Massachusetts Institute of Technology, Cambridge (1996)."},{"key":"460_CR41","first-page":"457","volume-title":"Lecture Notes in Computer Science","author":"Amit Sahai","year":"2005","unstructured":"Sahai A., Waters B.: Fuzzy identity-based encryption. In: Advances in Cryptology\u2014EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 457\u2013473 (2005)."},{"key":"460_CR42","unstructured":"Wee H.: Efficient chosen-ciphertext security via extractable hash proofs. In: Advances in Cryptology\u2014CRYPTO 2010, 30th Annual Cryptology Conference, Santa Barbara, CA, USA, August 15\u201319, 2010, Proceedings, pp. 314\u2013332 (2010)."},{"key":"460_CR43","doi-asserted-by":"publisher","first-page":"421","DOI":"10.1007\/978-3-662-49099-0_16","volume-title":"Theory of Cryptography","author":"Mark Zhandry","year":"2015","unstructured":"Zhandry, M.: How to avoid obfuscation using witness PRFs. In: Theory of Cryptography\u201413th International Conference, TCC 2016-A, LNCS, vol. 9563, pp. 421\u2013448. Springer (2016). \n                    https:\/\/doi.org\/10.1007\/978-3-662-49099-0_16\n                    \n                  ."}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10623-018-0460-y\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-018-0460-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-018-0460-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,2,1]],"date-time":"2019-02-01T20:26:52Z","timestamp":1549052812000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10623-018-0460-y"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,2,2]]},"references-count":43,"journal-issue":{"issue":"11","published-print":{"date-parts":[[2018,11]]}},"alternative-id":["460"],"URL":"https:\/\/doi.org\/10.1007\/s10623-018-0460-y","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"value":"0925-1022","type":"print"},{"value":"1573-7586","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,2,2]]},"assertion":[{"value":"7 June 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"17 November 2017","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"9 January 2018","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 February 2018","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}