Paper 2010/200

Generic Constructions for Verifiably Encrypted Signatures without Random Oracles or NIZKs

Markus Rückert, Michael Schneider, and Dominique Schröder


Verifiably encrypted signature schemes (VES) allow a signer to encrypt his or her signature under the public key of a trusted third party, while maintaining public signature verifiability. With our work, we propose two generic constructions based on Merkle authentication trees that do not require non-interactive zero-knowledge proofs (NIZKs) for maintaining verifiability. Both are stateful and secure in the standard model. Furthermore, we extend the specification for VES, bringing it closer to real-world needs. We also argue that statefulness can be a feature in common business scenarios. Our constructions rely on the assumption that CPA (even slightly weaker) secure encryption, ``maskable'' CMA secure signatures, and collision resistant hash functions exist. ``Maskable'' means that a signature can be hidden in a verifiable way using a secret masking value. Unmasking the signature is hard without knowing the secret masking value. We show that our constructions can be instantiated with a broad range of efficient signature and encryption schemes, including two lattice-based primitives. Thus, VES schemes can be based on the hardness of worst-case lattice problems, making them secure against subexponential and quantum-computer attacks. Among others, we provide the first efficient pairing-free instantiation in the standard model.

Note: Preliminary draft.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Generic constructionMerkle treepost-quantumstandard model
Contact author(s)
markus rueckert @ cased de
2010-04-17: revised
2010-04-16: received
See all versions
Short URL
Creative Commons Attribution


      author = {Markus Rückert and Michael Schneider and Dominique Schröder},
      title = {Generic Constructions for Verifiably Encrypted Signatures without Random Oracles or {NIZKs}},
      howpublished = {Cryptology ePrint Archive, Paper 2010/200},
      year = {2010},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.