Confidential signatures and deterministic signcryption

Dent A, Fischlin M, Manulis M, Stam M, Schröder D (2010)

Publication Status: Published

Publication Type: Authored book, Volume of book series

Publication year: 2010

Series: Public Key Cryptography - PKC 2010

Pages Range: 462-479

Event location: Paris

ISBN: 9783642130120

DOI: 10.1007/978-3-642-13013-7_27


Encrypt-and-sign, where one encrypts and signs a message in parallel, is usually not recommended for confidential message transmission as the signature may leak information about the message. This motivates our investigation of confidential signature schemes, which hide all information about (high-entropy) input messages. In this work we provide a formal treatment of confidentiality for such schemes. We give constructions meeting our notions, both in the random oracle model and the standard model. As part of this we show that full domain hash signatures achieve a weaker level of confidentiality than Fiat-Shamir signatures. We then examine the connection of confidential signatures to signcryption schemes. We give formal security models for deterministic signcryption schemes for high-entropy and low-entropy messages, and prove encrypt-and-sign to be secure for confidential signature schemes and high-entropy messages. Finally, we show that one can derandomize any signcryption scheme in our model and obtain a secure deterministic scheme. © 2010 Springer-Verlag Berlin Heidelberg.

Authors with CRIS profile

How to cite


Dent, A., Fischlin, M., Manulis, M., Stam, M., & Schröder, D. (2010). Confidential signatures and deterministic signcryption.


Dent, Alexander, et al. Confidential signatures and deterministic signcryption. 2010.

BibTeX: Download